Cwikius-Spring
/
spring-security
mirror of https://github.com/spring-projects/spring-security.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Always use 'this.' when accessing fields 

Apply an Eclipse cleanup rules to ensure that fields are always accessed
using `this.`. This aligns with the style used by Spring Framework and
helps users quickly see the difference between a local and member
variable.

Issue gh-8945
This commit is contained in:
Phillip Webb 2020-07-26 11:51:05 -07:00 committed by Rob Winch
parent 6894ff5d12
commit 8866fa6fb0
793 changed files with 8689 additions and 8459 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
acl/src/main/java/org/springframework/security/acls/AclEntryVoter.java
View File

@ -135,7 +135,7 @@ public class AclEntryVoter extends AbstractAclVoter {
* which will be the domain object used for ACL evaluation
*/
protected String getInternalMethod() {
return internalMethod;
return this.internalMethod;
}
public void setInternalMethod(String internalMethod) {
@ -143,7 +143,7 @@ public class AclEntryVoter extends AbstractAclVoter {
}
protected String getProcessConfigAttribute() {
return processConfigAttribute;
return this.processConfigAttribute;
}
public void setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy) {
@ -181,41 +181,41 @@ public class AclEntryVoter extends AbstractAclVoter {
}
// Evaluate if we are required to use an inner domain object
if (StringUtils.hasText(internalMethod)) {
if (StringUtils.hasText(this.internalMethod)) {
try {
Class<?> clazz = domainObject.getClass();
Method method = clazz.getMethod(internalMethod, new Class[0]);
Method method = clazz.getMethod(this.internalMethod, new Class[0]);
domainObject = method.invoke(domainObject);
}
catch (NoSuchMethodException nsme) {
throw new AuthorizationServiceException("Object of class '" + domainObject.getClass()
+ "' does not provide the requested internalMethod: " + internalMethod);
+ "' does not provide the requested internalMethod: " + this.internalMethod);
}
catch (IllegalAccessException iae) {
logger.debug("IllegalAccessException", iae);
throw new AuthorizationServiceException(
"Problem invoking internalMethod: " + internalMethod + " for object: " + domainObject);
"Problem invoking internalMethod: " + this.internalMethod + " for object: " + domainObject);
}
catch (InvocationTargetException ite) {
logger.debug("InvocationTargetException", ite);
throw new AuthorizationServiceException(
"Problem invoking internalMethod: " + internalMethod + " for object: " + domainObject);
"Problem invoking internalMethod: " + this.internalMethod + " for object: " + domainObject);
}
}
// Obtain the OID applicable to the domain object
ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);
ObjectIdentity objectIdentity = this.objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);
// Obtain the SIDs applicable to the principal
List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
List<Sid> sids = this.sidRetrievalStrategy.getSids(authentication);
Acl acl;
try {
// Lookup only ACLs for SIDs we're interested in
acl = aclService.readAclById(objectIdentity, sids);
acl = this.aclService.readAclById(objectIdentity, sids);
}
catch (NotFoundException nfe) {
if (logger.isDebugEnabled()) {
@ -226,7 +226,7 @@ public class AclEntryVoter extends AbstractAclVoter {
}
try {
if (acl.isGranted(requirePermission, sids, false)) {
if (acl.isGranted(this.requirePermission, sids, false)) {
if (logger.isDebugEnabled()) {
logger.debug("Voting to grant access");
}

10
acl/src/main/java/org/springframework/security/acls/AclPermissionCacheOptimizer.java
View File

@ -63,17 +63,17 @@ public class AclPermissionCacheOptimizer implements PermissionCacheOptimizer {
if (domainObject == null) {
continue;
}
ObjectIdentity oid = oidRetrievalStrategy.getObjectIdentity(domainObject);
ObjectIdentity oid = this.oidRetrievalStrategy.getObjectIdentity(domainObject);
oidsToCache.add(oid);
}
List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
List<Sid> sids = this.sidRetrievalStrategy.getSids(authentication);
if (logger.isDebugEnabled()) {
logger.debug("Eagerly loading Acls for " + oidsToCache.size() + " objects");
if (this.logger.isDebugEnabled()) {
this.logger.debug("Eagerly loading Acls for " + oidsToCache.size() + " objects");
}
aclService.readAclsById(oidsToCache, sids);
this.aclService.readAclsById(oidsToCache, sids);
}
public void setObjectIdentityRetrievalStrategy(ObjectIdentityRetrievalStrategy objectIdentityRetrievalStrategy) {

24
acl/src/main/java/org/springframework/security/acls/AclPermissionEvaluator.java
View File

@ -75,49 +75,49 @@ public class AclPermissionEvaluator implements PermissionEvaluator {
return false;
}
ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);
ObjectIdentity objectIdentity = this.objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);
return checkPermission(authentication, objectIdentity, permission);
}
public boolean hasPermission(Authentication authentication, Serializable targetId, String targetType,
Object permission) {
ObjectIdentity objectIdentity = objectIdentityGenerator.createObjectIdentity(targetId, targetType);
ObjectIdentity objectIdentity = this.objectIdentityGenerator.createObjectIdentity(targetId, targetType);
return checkPermission(authentication, objectIdentity, permission);
}
private boolean checkPermission(Authentication authentication, ObjectIdentity oid, Object permission) {
// Obtain the SIDs applicable to the principal
List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
List<Sid> sids = this.sidRetrievalStrategy.getSids(authentication);
List<Permission> requiredPermission = resolvePermission(permission);
final boolean debug = logger.isDebugEnabled();
final boolean debug = this.logger.isDebugEnabled();
if (debug) {
logger.debug("Checking permission '" + permission + "' for object '" + oid + "'");
this.logger.debug("Checking permission '" + permission + "' for object '" + oid + "'");
}
try {
// Lookup only ACLs for SIDs we're interested in
Acl acl = aclService.readAclById(oid, sids);
Acl acl = this.aclService.readAclById(oid, sids);
if (acl.isGranted(requiredPermission, sids, false)) {
if (debug) {
logger.debug("Access is granted");
this.logger.debug("Access is granted");
}
return true;
}
if (debug) {
logger.debug("Returning false - ACLs returned, but insufficient permissions for this principal");
this.logger.debug("Returning false - ACLs returned, but insufficient permissions for this principal");
}
}
catch (NotFoundException nfe) {
if (debug) {
logger.debug("Returning false - no ACLs apply for this principal");
this.logger.debug("Returning false - no ACLs apply for this principal");
}
}
@ -127,7 +127,7 @@ public class AclPermissionEvaluator implements PermissionEvaluator {
List<Permission> resolvePermission(Object permission) {
if (permission instanceof Integer) {
return Arrays.asList(permissionFactory.buildFromMask((Integer) permission));
return Arrays.asList(this.permissionFactory.buildFromMask((Integer) permission));
}
if (permission instanceof Permission) {
@ -143,10 +143,10 @@ public class AclPermissionEvaluator implements PermissionEvaluator {
Permission p;
try {
p = permissionFactory.buildFromName(permString);
p = this.permissionFactory.buildFromName(permString);
}
catch (IllegalArgumentException notfound) {
p = permissionFactory.buildFromName(permString.toUpperCase(Locale.ENGLISH));
p = this.permissionFactory.buildFromName(permString.toUpperCase(Locale.ENGLISH));
}
if (p != null) {

12
acl/src/main/java/org/springframework/security/acls/afterinvocation/AbstractAclProvider.java
View File

@ -68,21 +68,21 @@ public abstract class AbstractAclProvider implements AfterInvocationProvider {
}
protected Class<?> getProcessDomainObjectClass() {
return processDomainObjectClass;
return this.processDomainObjectClass;
}
protected boolean hasPermission(Authentication authentication, Object domainObject) {
// Obtain the OID applicable to the domain object
ObjectIdentity objectIdentity = objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);
ObjectIdentity objectIdentity = this.objectIdentityRetrievalStrategy.getObjectIdentity(domainObject);
// Obtain the SIDs applicable to the principal
List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
List<Sid> sids = this.sidRetrievalStrategy.getSids(authentication);
try {
// Lookup only ACLs for SIDs we're interested in
Acl acl = aclService.readAclById(objectIdentity, sids);
Acl acl = this.aclService.readAclById(objectIdentity, sids);
return acl.isGranted(requirePermission, sids, false);
return acl.isGranted(this.requirePermission, sids, false);
}
catch (NotFoundException ignore) {
return false;
@ -110,7 +110,7 @@ public abstract class AbstractAclProvider implements AfterInvocationProvider {
}
public boolean supports(ConfigAttribute attribute) {
return processConfigAttribute.equals(attribute.getAttribute());
return this.processConfigAttribute.equals(attribute.getAttribute());
}
/**

2
acl/src/main/java/org/springframework/security/acls/afterinvocation/AclEntryAfterInvocationProvider.java
View File

@ -103,7 +103,7 @@ public class AclEntryAfterInvocationProvider extends AbstractAclProvider impleme
logger.debug("Denying access");
throw new AccessDeniedException(messages.getMessage("AclEntryAfterInvocationProvider.noPermission",
throw new AccessDeniedException(this.messages.getMessage("AclEntryAfterInvocationProvider.noPermission",
new Object[] { authentication.getName(), returnedObject },
"Authentication {0} has NO permissions to the domain object {1}"));
}

20
acl/src/main/java/org/springframework/security/acls/afterinvocation/ArrayFilterer.java
View File

@ -45,7 +45,7 @@ class ArrayFilterer<T> implements Filterer<T> {
// Collect the removed objects to a HashSet so that
// it is fast to lookup them when a filtered array
// is constructed.
removeList = new HashSet<>();
this.removeList = new HashSet<>();
}
/**
@ -55,14 +55,14 @@ class ArrayFilterer<T> implements Filterer<T> {
@SuppressWarnings("unchecked")
public T[] getFilteredObject() {
// Recreate an array of same type and filter the removed objects.
int originalSize = list.length;
int sizeOfResultingList = originalSize - removeList.size();
T[] filtered = (T[]) Array.newInstance(list.getClass().getComponentType(), sizeOfResultingList);
int originalSize = this.list.length;
int sizeOfResultingList = originalSize - this.removeList.size();
T[] filtered = (T[]) Array.newInstance(this.list.getClass().getComponentType(), sizeOfResultingList);
for (int i = 0, j = 0; i < list.length; i++) {
T object = list[i];
for (int i = 0, j = 0; i < this.list.length; i++) {
T object = this.list[i];
if (!removeList.contains(object)) {
if (!this.removeList.contains(object)) {
filtered[j] = object;
j++;
}
@ -85,14 +85,14 @@ class ArrayFilterer<T> implements Filterer<T> {
private int index = 0;
public boolean hasNext() {
return index < list.length;
return this.index < ArrayFilterer.this.list.length;
}
public T next() {
if (!hasNext()) {
throw new NoSuchElementException();
}
return list[index++];
return ArrayFilterer.this.list[this.index++];
}
public void remove() {
@ -106,7 +106,7 @@ class ArrayFilterer<T> implements Filterer<T> {
* @see org.springframework.security.acls.afterinvocation.Filterer#remove(java.lang.Object)
*/
public void remove(T object) {
removeList.add(object);
this.removeList.add(object);
}
}

16
acl/src/main/java/org/springframework/security/acls/afterinvocation/CollectionFilterer.java
View File

@ -48,7 +48,7 @@ class CollectionFilterer<T> implements Filterer<T> {
// to the method may not necessarily be re-constructable (as
// the Collection(collection) constructor is not guaranteed and
// manually adding may lose sort order or other capabilities)
removeList = new HashSet<>();
this.removeList = new HashSet<>();
}
/**
@ -57,20 +57,20 @@ class CollectionFilterer<T> implements Filterer<T> {
*/
public Object getFilteredObject() {
// Now the Iterator has ended, remove Objects from Collection
Iterator<T> removeIter = removeList.iterator();
Iterator<T> removeIter = this.removeList.iterator();
int originalSize = collection.size();
int originalSize = this.collection.size();
while (removeIter.hasNext()) {
collection.remove(removeIter.next());
this.collection.remove(removeIter.next());
}
if (logger.isDebugEnabled()) {
logger.debug("Original collection contained " + originalSize + " elements; now contains "
+ collection.size() + " elements");
+ this.collection.size() + " elements");
}
return collection;
return this.collection;
}
/**
@ -78,7 +78,7 @@ class CollectionFilterer<T> implements Filterer<T> {
* @see org.springframework.security.acls.afterinvocation.Filterer#iterator()
*/
public Iterator<T> iterator() {
return collection.iterator();
return this.collection.iterator();
}
/**
@ -86,7 +86,7 @@ class CollectionFilterer<T> implements Filterer<T> {
* @see org.springframework.security.acls.afterinvocation.Filterer#remove(java.lang.Object)
*/
public void remove(T object) {
removeList.add(object);
this.removeList.add(object);
}
}

6
acl/src/main/java/org/springframework/security/acls/domain/AbstractPermission.java
View File

@ -65,15 +65,15 @@ public abstract class AbstractPermission implements Permission {
}
public final int getMask() {
return mask;
return this.mask;
}
public String getPattern() {
return AclFormattingUtils.printBinary(mask, code);
return AclFormattingUtils.printBinary(this.mask, this.code);
}
public final String toString() {
return this.getClass().getSimpleName() + "[" + getPattern() + "=" + mask + "]";
return this.getClass().getSimpleName() + "[" + getPattern() + "=" + this.mask + "]";
}
public final int hashCode() {

14
acl/src/main/java/org/springframework/security/acls/domain/AccessControlEntryImpl.java
View File

@ -134,37 +134,37 @@ public class AccessControlEntryImpl implements AccessControlEntry, AuditableAcce
@Override
public Acl getAcl() {
return acl;
return this.acl;
}
@Override
public Serializable getId() {
return id;
return this.id;
}
@Override
public Permission getPermission() {
return permission;
return this.permission;
}
@Override
public Sid getSid() {
return sid;
return this.sid;
}
@Override
public boolean isAuditFailure() {
return auditFailure;
return this.auditFailure;
}
@Override
public boolean isAuditSuccess() {
return auditSuccess;
return this.auditSuccess;
}
@Override
public boolean isGranting() {
return granting;
return this.granting;
}
void setAuditFailure(boolean auditFailure) {

10
acl/src/main/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImpl.java
View File

@ -68,12 +68,12 @@ public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy {
Assert.isTrue(auths != null && (auths.length == 3 || auths.length == 1),
"One or three GrantedAuthority instances required");
if (auths.length == 3) {
gaTakeOwnership = auths[0];
gaModifyAuditing = auths[1];
gaGeneralChanges = auths[2];
this.gaTakeOwnership = auths[0];
this.gaModifyAuditing = auths[1];
this.gaGeneralChanges = auths[2];
}
else {
gaTakeOwnership = gaModifyAuditing = gaGeneralChanges = auths[0];
this.gaTakeOwnership = this.gaModifyAuditing = this.gaGeneralChanges = auths[0];
}
}
@ -117,7 +117,7 @@ public class AclAuthorizationStrategyImpl implements AclAuthorizationStrategy {
}
// Try to get permission via ACEs within the ACL
List<Sid> sids = sidRetrievalStrategy.getSids(authentication);
List<Sid> sids = this.sidRetrievalStrategy.getSids(authentication);
if (acl.isGranted(Arrays.asList(BasePermission.ADMINISTRATION), sids, false)) {
return;

42
acl/src/main/java/org/springframework/security/acls/domain/AclImpl.java
View File

@ -121,10 +121,10 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
@Override
public void deleteAce(int aceIndex) throws NotFoundException {
aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
this.aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
verifyAceIndexExists(aceIndex);
synchronized (aces) {
synchronized (this.aces) {
this.aces.remove(aceIndex);
}
}
@ -135,14 +135,14 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
}
if (aceIndex >= this.aces.size()) {
throw new NotFoundException("aceIndex must refer to an index of the AccessControlEntry list. "
+ "List size is " + aces.size() + ", index was " + aceIndex);
+ "List size is " + this.aces.size() + ", index was " + aceIndex);
}
}
@Override
public void insertAce(int atIndexLocation, Permission permission, Sid sid, boolean granting)
throws NotFoundException {
aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
this.aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
Assert.notNull(permission, "Permission required");
Assert.notNull(sid, "Sid required");
if (atIndexLocation < 0) {
@ -155,7 +155,7 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
AccessControlEntryImpl ace = new AccessControlEntryImpl(null, this, sid, permission, granting, false, false);
synchronized (aces) {
synchronized (this.aces) {
this.aces.add(atIndexLocation, ace);
}
}
@ -164,7 +164,7 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
public List<AccessControlEntry> getEntries() {
// Can safely return AccessControlEntry directly, as they're immutable outside the
// ACL package
return new ArrayList<>(aces);
return new ArrayList<>(this.aces);
}
@Override
@ -174,12 +174,12 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
@Override
public ObjectIdentity getObjectIdentity() {
return objectIdentity;
return this.objectIdentity;
}
@Override
public boolean isEntriesInheriting() {
return entriesInheriting;
return this.entriesInheriting;
}
/**
@ -198,7 +198,7 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
throw new UnloadedSidException("ACL was not loaded for one or more SID");
}
return permissionGrantingStrategy.isGranted(this, permission, sids, administrativeMode);
return this.permissionGrantingStrategy.isGranted(this, permission, sids, administrativeMode);
}
@Override
@ -213,7 +213,7 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
for (Sid sid : sids) {
boolean found = false;
for (Sid loadedSid : loadedSids) {
for (Sid loadedSid : this.loadedSids) {
if (sid.equals(loadedSid)) {
// this SID is OK
found = true;
@ -232,13 +232,13 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
@Override
public void setEntriesInheriting(boolean entriesInheriting) {
aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
this.aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
this.entriesInheriting = entriesInheriting;
}
@Override
public void setOwner(Sid newOwner) {
aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
this.aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_OWNERSHIP);
Assert.notNull(newOwner, "Owner required");
this.owner = newOwner;
}
@ -250,34 +250,34 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
@Override
public void setParent(Acl newParent) {
aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
this.aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
Assert.isTrue(newParent == null || !newParent.equals(this), "Cannot be the parent of yourself");
this.parentAcl = newParent;
}
@Override
public Acl getParentAcl() {
return parentAcl;
return this.parentAcl;
}
@Override
public void updateAce(int aceIndex, Permission permission) throws NotFoundException {
aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
this.aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_GENERAL);
verifyAceIndexExists(aceIndex);
synchronized (aces) {
AccessControlEntryImpl ace = (AccessControlEntryImpl) aces.get(aceIndex);
synchronized (this.aces) {
AccessControlEntryImpl ace = (AccessControlEntryImpl) this.aces.get(aceIndex);
ace.setPermission(permission);
}
}
@Override
public void updateAuditing(int aceIndex, boolean auditSuccess, boolean auditFailure) {
aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_AUDITING);
this.aclAuthorizationStrategy.securityCheck(this, AclAuthorizationStrategy.CHANGE_AUDITING);
verifyAceIndexExists(aceIndex);
synchronized (aces) {
AccessControlEntryImpl ace = (AccessControlEntryImpl) aces.get(aceIndex);
synchronized (this.aces) {
AccessControlEntryImpl ace = (AccessControlEntryImpl) this.aces.get(aceIndex);
ace.setAuditSuccess(auditSuccess);
ace.setAuditFailure(auditFailure);
}
@ -342,7 +342,7 @@ public class AclImpl implements Acl, MutableAcl, AuditableAcl, OwnershipAcl {
int count = 0;
for (AccessControlEntry ace : aces) {
for (AccessControlEntry ace : this.aces) {
count++;
if (count == 1) {

16
acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionFactory.java
View File

@ -103,21 +103,21 @@ public class DefaultPermissionFactory implements PermissionFactory {
Integer mask = perm.getMask();
// Ensure no existing Permission uses this integer or code
Assert.isTrue(!registeredPermissionsByInteger.containsKey(mask),
Assert.isTrue(!this.registeredPermissionsByInteger.containsKey(mask),
() -> "An existing Permission already provides mask " + mask);
Assert.isTrue(!registeredPermissionsByName.containsKey(permissionName),
Assert.isTrue(!this.registeredPermissionsByName.containsKey(permissionName),
() -> "An existing Permission already provides name '" + permissionName + "'");
// Register the new Permission
registeredPermissionsByInteger.put(mask, perm);
registeredPermissionsByName.put(permissionName, perm);
this.registeredPermissionsByInteger.put(mask, perm);
this.registeredPermissionsByName.put(permissionName, perm);
}
public Permission buildFromMask(int mask) {
if (registeredPermissionsByInteger.containsKey(mask)) {
if (this.registeredPermissionsByInteger.containsKey(mask)) {
// The requested mask has an exact match against a statically-defined
// Permission, so return it
return registeredPermissionsByInteger.get(mask);
return this.registeredPermissionsByInteger.get(mask);
}
// To get this far, we have to use a CumulativePermission
@ -127,7 +127,7 @@ public class DefaultPermissionFactory implements PermissionFactory {
int permissionToCheck = 1 << i;
if ((mask & permissionToCheck) == permissionToCheck) {
Permission p = registeredPermissionsByInteger.get(permissionToCheck);
Permission p = this.registeredPermissionsByInteger.get(permissionToCheck);
if (p == null) {
throw new IllegalStateException(
@ -141,7 +141,7 @@ public class DefaultPermissionFactory implements PermissionFactory {
}
public Permission buildFromName(String name) {
Permission p = registeredPermissionsByName.get(name);
Permission p = this.registeredPermissionsByName.get(name);
if (p == null) {
throw new IllegalArgumentException("Unknown permission '" + name + "'");

4
acl/src/main/java/org/springframework/security/acls/domain/DefaultPermissionGrantingStrategy.java
View File

@ -90,7 +90,7 @@ public class DefaultPermissionGrantingStrategy implements PermissionGrantingStra
if (ace.isGranting()) {
// Success
if (!administrativeMode) {
auditLogger.logIfNeeded(true, ace);
this.auditLogger.logIfNeeded(true, ace);
}
return true;
@ -120,7 +120,7 @@ public class DefaultPermissionGrantingStrategy implements PermissionGrantingStra
// We found an ACE to reject the request at this point, as no
// other ACEs were found that granted a different permission
if (!administrativeMode) {
auditLogger.logIfNeeded(false, firstRejection);
this.auditLogger.logIfNeeded(false, firstRejection);
}
return false;

18
acl/src/main/java/org/springframework/security/acls/domain/EhCacheBasedAclCache.java
View File

@ -61,8 +61,8 @@ public class EhCacheBasedAclCache implements AclCache {
MutableAcl acl = getFromCache(pk);
if (acl != null) {
cache.remove(acl.getId());
cache.remove(acl.getObjectIdentity());
this.cache.remove(acl.getId());
this.cache.remove(acl.getObjectIdentity());
}
}
@ -72,8 +72,8 @@ public class EhCacheBasedAclCache implements AclCache {
MutableAcl acl = getFromCache(objectIdentity);
if (acl != null) {
cache.remove(acl.getId());
cache.remove(acl.getObjectIdentity());
this.cache.remove(acl.getId());
this.cache.remove(acl.getObjectIdentity());
}
}
@ -83,7 +83,7 @@ public class EhCacheBasedAclCache implements AclCache {
Element element = null;
try {
element = cache.get(objectIdentity);
element = this.cache.get(objectIdentity);
}
catch (CacheException ignored) {
}
@ -101,7 +101,7 @@ public class EhCacheBasedAclCache implements AclCache {
Element element = null;
try {
element = cache.get(pk);
element = this.cache.get(pk);
}
catch (CacheException ignored) {
}
@ -131,8 +131,8 @@ public class EhCacheBasedAclCache implements AclCache {
putInCache((MutableAcl) acl.getParentAcl());
}
cache.put(new Element(acl.getObjectIdentity(), acl));
cache.put(new Element(acl.getId(), acl));
this.cache.put(new Element(acl.getObjectIdentity(), acl));
this.cache.put(new Element(acl.getId(), acl));
}
private MutableAcl initializeTransientFields(MutableAcl value) {
@ -148,7 +148,7 @@ public class EhCacheBasedAclCache implements AclCache {
}
public void clearCache() {
cache.removeAll();
this.cache.removeAll();
}
}

2
acl/src/main/java/org/springframework/security/acls/domain/GrantedAuthoritySid.java
View File

@ -62,7 +62,7 @@ public class GrantedAuthoritySid implements Sid {
}
public String getGrantedAuthority() {
return grantedAuthority;
return this.grantedAuthority;
}
@Override

14
acl/src/main/java/org/springframework/security/acls/domain/ObjectIdentityImpl.java
View File

@ -69,7 +69,7 @@ public class ObjectIdentityImpl implements ObjectIdentity {
Assert.notNull(object, "object cannot be null");
Class<?> typeClass = ClassUtils.getUserClass(object.getClass());
type = typeClass.getName();
this.type = typeClass.getName();
Object result;
@ -105,30 +105,30 @@ public class ObjectIdentityImpl implements ObjectIdentity {
ObjectIdentityImpl other = (ObjectIdentityImpl) arg0;
if (identifier instanceof Number && other.identifier instanceof Number) {
if (this.identifier instanceof Number && other.identifier instanceof Number) {
// Integers and Longs with same value should be considered equal
if (((Number) identifier).longValue() != ((Number) other.identifier).longValue()) {
if (((Number) this.identifier).longValue() != ((Number) other.identifier).longValue()) {
return false;
}
}
else {
// Use plain equality for other serializable types
if (!identifier.equals(other.identifier)) {
if (!this.identifier.equals(other.identifier)) {
return false;
}
}
return type.equals(other.type);
return this.type.equals(other.type);
}
@Override
public Serializable getIdentifier() {
return identifier;
return this.identifier;
}
@Override
public String getType() {
return type;
return this.type;
}
/**

2
acl/src/main/java/org/springframework/security/acls/domain/PrincipalSid.java
View File

@ -62,7 +62,7 @@ public class PrincipalSid implements Sid {
}
public String getPrincipal() {
return principal;
return this.principal;
}
@Override

2
acl/src/main/java/org/springframework/security/acls/domain/SidRetrievalStrategyImpl.java
View File

@ -52,7 +52,7 @@ public class SidRetrievalStrategyImpl implements SidRetrievalStrategy {
}
public List<Sid> getSids(Authentication authentication) {
Collection<? extends GrantedAuthority> authorities = roleHierarchy
Collection<? extends GrantedAuthority> authorities = this.roleHierarchy
.getReachableGrantedAuthorities(authentication.getAuthorities());
List<Sid> sids = new ArrayList<>(authorities.size() + 1);

16
acl/src/main/java/org/springframework/security/acls/domain/SpringCacheBasedAclCache.java
View File

@ -62,8 +62,8 @@ public class SpringCacheBasedAclCache implements AclCache {
MutableAcl acl = getFromCache(pk);
if (acl != null) {
cache.evict(acl.getId());
cache.evict(acl.getObjectIdentity());
this.cache.evict(acl.getId());
this.cache.evict(acl.getObjectIdentity());
}
}
@ -73,8 +73,8 @@ public class SpringCacheBasedAclCache implements AclCache {
MutableAcl acl = getFromCache(objectIdentity);
if (acl != null) {
cache.evict(acl.getId());
cache.evict(acl.getObjectIdentity());
this.cache.evict(acl.getId());
this.cache.evict(acl.getObjectIdentity());
}
}
@ -97,12 +97,12 @@ public class SpringCacheBasedAclCache implements AclCache {
putInCache((MutableAcl) acl.getParentAcl());
}
cache.put(acl.getObjectIdentity(), acl);
cache.put(acl.getId(), acl);
this.cache.put(acl.getObjectIdentity(), acl);
this.cache.put(acl.getId(), acl);
}
private MutableAcl getFromCache(Object key) {
Cache.ValueWrapper element = cache.get(key);
Cache.ValueWrapper element = this.cache.get(key);
if (element == null) {
return null;
@ -124,7 +124,7 @@ public class SpringCacheBasedAclCache implements AclCache {
}
public void clearCache() {
cache.clear();
this.cache.clear();
}
}

8
acl/src/main/java/org/springframework/security/acls/jdbc/AclClassIdUtils.java
View File

@ -109,11 +109,11 @@ class AclClassIdUtils {
}
private <T> boolean canConvertFromStringTo(Class<T> targetType) {
return conversionService.canConvert(String.class, targetType);
return this.conversionService.canConvert(String.class, targetType);
}
private <T extends Serializable> T convertFromStringTo(String identifier, Class<T> targetType) {
return conversionService.convert(identifier, targetType);
return this.conversionService.convert(identifier, targetType);
}
/**
@ -128,8 +128,8 @@ class AclClassIdUtils {
*/
private Long convertToLong(Serializable identifier) {
Long idAsLong;
if (conversionService.canConvert(identifier.getClass(), Long.class)) {
idAsLong = conversionService.convert(identifier, Long.class);
if (this.conversionService.canConvert(identifier.getClass(), Long.class)) {
idAsLong = this.conversionService.convert(identifier, Long.class);
}
else {
idAsLong = Long.valueOf(identifier.toString());

54
acl/src/main/java/org/springframework/security/acls/jdbc/BasicLookupStrategy.java
View File

@ -156,21 +156,21 @@ public class BasicLookupStrategy implements LookupStrategy {
Assert.notNull(aclCache, "AclCache required");
Assert.notNull(aclAuthorizationStrategy, "AclAuthorizationStrategy required");
Assert.notNull(grantingStrategy, "grantingStrategy required");
jdbcTemplate = new JdbcTemplate(dataSource);
this.jdbcTemplate = new JdbcTemplate(dataSource);
this.aclCache = aclCache;
this.aclAuthorizationStrategy = aclAuthorizationStrategy;
this.grantingStrategy = grantingStrategy;
this.aclClassIdUtils = new AclClassIdUtils();
fieldAces.setAccessible(true);
fieldAcl.setAccessible(true);
this.fieldAces.setAccessible(true);
this.fieldAcl.setAccessible(true);
}
private String computeRepeatingSql(String repeatingSql, int requiredRepetitions) {
assert requiredRepetitions > 0 : "requiredRepetitions must be > 0";
final String startSql = selectClause;
final String startSql = this.selectClause;
final String endSql = orderByClause;
final String endSql = this.orderByClause;
StringBuilder sqlStringBldr = new StringBuilder(
startSql.length() + endSql.length() + requiredRepetitions * (repeatingSql.length() + 4));
@ -192,7 +192,7 @@ public class BasicLookupStrategy implements LookupStrategy {
@SuppressWarnings("unchecked")
private List<AccessControlEntryImpl> readAces(AclImpl acl) {
try {
return (List<AccessControlEntryImpl>) fieldAces.get(acl);
return (List<AccessControlEntryImpl>) this.fieldAces.get(acl);
}
catch (IllegalAccessException e) {
throw new IllegalStateException("Could not obtain AclImpl.aces field", e);
@ -201,7 +201,7 @@ public class BasicLookupStrategy implements LookupStrategy {
private void setAclOnAce(AccessControlEntryImpl ace, AclImpl acl) {
try {
fieldAcl.set(ace, acl);
this.fieldAcl.set(ace, acl);
}
catch (IllegalAccessException e) {
throw new IllegalStateException("Could not or set AclImpl on AccessControlEntryImpl fields", e);
@ -210,7 +210,7 @@ public class BasicLookupStrategy implements LookupStrategy {
private void setAces(AclImpl acl, List<AccessControlEntryImpl> aces) {
try {
fieldAces.set(acl, aces);
this.fieldAces.set(acl, aces);
}
catch (IllegalAccessException e) {
throw new IllegalStateException("Could not set AclImpl entries", e);
@ -228,9 +228,9 @@ public class BasicLookupStrategy implements LookupStrategy {
Assert.notNull(acls, "ACLs are required");
Assert.notEmpty(findNow, "Items to find now required");
String sql = computeRepeatingSql(lookupPrimaryKeysWhereClause, findNow.size());
String sql = computeRepeatingSql(this.lookupPrimaryKeysWhereClause, findNow.size());
Set<Long> parentsToLookup = jdbcTemplate.query(sql, ps -> {
Set<Long> parentsToLookup = this.jdbcTemplate.query(sql, ps -> {
int i = 0;
for (Long toFind : findNow) {
@ -265,7 +265,7 @@ public class BasicLookupStrategy implements LookupStrategy {
* automatically create entries if required)
*/
public final Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> objects, List<Sid> sids) {
Assert.isTrue(batchSize >= 1, "BatchSize must be >= 1");
Assert.isTrue(this.batchSize >= 1, "BatchSize must be >= 1");
Assert.notEmpty(objects, "Objects to lookup required");
// Map<ObjectIdentity,Acl>
@ -288,7 +288,7 @@ public class BasicLookupStrategy implements LookupStrategy {
// Check cache for the present ACL entry
if (!aclFound) {
Acl acl = aclCache.getFromCache(oid);
Acl acl = this.aclCache.getFromCache(oid);
// Ensure any cached element supports all the requested SIDs
// (they should always, as our base impl doesn't filter on SID)
@ -321,7 +321,7 @@ public class BasicLookupStrategy implements LookupStrategy {
// Add the loaded batch to the cache
for (Acl loadedAcl : loadedBatch.values()) {
aclCache.putInCache((AclImpl) loadedAcl);
this.aclCache.putInCache((AclImpl) loadedAcl);
}
currentBatchToLoad.clear();
@ -354,9 +354,9 @@ public class BasicLookupStrategy implements LookupStrategy {
// Make the "acls" map contain all requested objectIdentities
// (including markers to each parent in the hierarchy)
String sql = computeRepeatingSql(lookupObjectIdentitiesWhereClause, objectIdentities.size());
String sql = computeRepeatingSql(this.lookupObjectIdentitiesWhereClause, objectIdentities.size());
Set<Long> parentsToLookup = jdbcTemplate.query(sql, ps -> {
Set<Long> parentsToLookup = this.jdbcTemplate.query(sql, ps -> {
int i = 0;
for (ObjectIdentity oid : objectIdentities) {
// Determine prepared statement values for this iteration
@ -421,8 +421,8 @@ public class BasicLookupStrategy implements LookupStrategy {
}
// Now we have the parent (if there is one), create the true AclImpl
AclImpl result = new AclImpl(inputAcl.getObjectIdentity(), inputAcl.getId(), aclAuthorizationStrategy,
grantingStrategy, parent, null, inputAcl.isEntriesInheriting(), inputAcl.getOwner());
AclImpl result = new AclImpl(inputAcl.getObjectIdentity(), inputAcl.getId(), this.aclAuthorizationStrategy,
this.grantingStrategy, parent, null, inputAcl.isEntriesInheriting(), inputAcl.getOwner());
// Copy the "aces" from the input to the destination
@ -548,27 +548,27 @@ public class BasicLookupStrategy implements LookupStrategy {
while (rs.next()) {
// Convert current row into an Acl (albeit with a StubAclParent)
convertCurrentResultIntoObject(acls, rs);
convertCurrentResultIntoObject(this.acls, rs);
// Figure out if this row means we need to lookup another parent
long parentId = rs.getLong("parent_object");
if (parentId != 0) {
// See if it's already in the "acls"
if (acls.containsKey(parentId)) {
if (this.acls.containsKey(parentId)) {
continue; // skip this while iteration
}
// Now try to find it in the cache
MutableAcl cached = aclCache.getFromCache(parentId);
MutableAcl cached = BasicLookupStrategy.this.aclCache.getFromCache(parentId);
if ((cached == null) || !cached.isSidLoaded(sids)) {
if ((cached == null) || !cached.isSidLoaded(this.sids)) {
parentIdsToLookup.add(parentId);
}
else {
// Pop into the acls map, so our convert method doesn't
// need to deal with an unsynchronized AclCache
acls.put(cached.getId(), cached);
this.acls.put(cached.getId(), cached);
}
}
}
@ -597,7 +597,7 @@ public class BasicLookupStrategy implements LookupStrategy {
// If the Java type is a String, check to see if we can convert it to the
// target id type, e.g. UUID.
Serializable identifier = (Serializable) rs.getObject("object_id_identity");
identifier = aclClassIdUtils.identifierFrom(identifier, rs);
identifier = BasicLookupStrategy.this.aclClassIdUtils.identifierFrom(identifier, rs);
ObjectIdentity objectIdentity = new ObjectIdentityImpl(rs.getString("class"), identifier);
Acl parentAcl = null;
@ -610,8 +610,8 @@ public class BasicLookupStrategy implements LookupStrategy {
boolean entriesInheriting = rs.getBoolean("entries_inheriting");
Sid owner = createSid(rs.getBoolean("acl_principal"), rs.getString("acl_sid"));
acl = new AclImpl(objectIdentity, id, aclAuthorizationStrategy, grantingStrategy, parentAcl, null,
entriesInheriting, owner);
acl = new AclImpl(objectIdentity, id, BasicLookupStrategy.this.aclAuthorizationStrategy,
BasicLookupStrategy.this.grantingStrategy, parentAcl, null, entriesInheriting, owner);
acls.put(id, acl);
}
@ -624,7 +624,7 @@ public class BasicLookupStrategy implements LookupStrategy {
Sid recipient = createSid(rs.getBoolean("ace_principal"), rs.getString("ace_sid"));
int mask = rs.getInt("mask");
Permission permission = permissionFactory.buildFromMask(mask);
Permission permission = BasicLookupStrategy.this.permissionFactory.buildFromMask(mask);
boolean granting = rs.getBoolean("granting");
boolean auditSuccess = rs.getBoolean("audit_success");
boolean auditFailure = rs.getBoolean("audit_failure");
@ -657,7 +657,7 @@ public class BasicLookupStrategy implements LookupStrategy {
}
public Long getId() {
return id;
return this.id;
}
public ObjectIdentity getObjectIdentity() {

8
acl/src/main/java/org/springframework/security/acls/jdbc/JdbcAclService.java
View File

@ -92,10 +92,10 @@ public class JdbcAclService implements AclService {
public List<ObjectIdentity> findChildren(ObjectIdentity parentIdentity) {
Object[] args = { parentIdentity.getIdentifier().toString(), parentIdentity.getType() };
List<ObjectIdentity> objects = jdbcOperations.query(findChildrenSql, args, (rs, rowNum) -> {
List<ObjectIdentity> objects = this.jdbcOperations.query(this.findChildrenSql, args, (rs, rowNum) -> {
String javaType = rs.getString("class");
Serializable identifier = (Serializable) rs.getObject("obj_id");
identifier = aclClassIdUtils.identifierFrom(identifier, rs);
identifier = this.aclClassIdUtils.identifierFrom(identifier, rs);
return new ObjectIdentityImpl(javaType, identifier);
});
@ -124,7 +124,7 @@ public class JdbcAclService implements AclService {
public Map<ObjectIdentity, Acl> readAclsById(List<ObjectIdentity> objects, List<Sid> sids)
throws NotFoundException {
Map<ObjectIdentity, Acl> result = lookupStrategy.readAclsById(objects, sids);
Map<ObjectIdentity, Acl> result = this.lookupStrategy.readAclsById(objects, sids);
// Check every requested object identity was found (throw NotFoundException if
// needed)
@ -163,7 +163,7 @@ public class JdbcAclService implements AclService {
}
protected boolean isAclClassIdSupported() {
return aclClassIdSupported;
return this.aclClassIdSupported;
}
}

36
acl/src/main/java/org/springframework/security/acls/jdbc/JdbcMutableAclService.java
View File

@ -136,7 +136,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
if (acl.getEntries().isEmpty()) {
return;
}
jdbcOperations.batchUpdate(insertEntry, new BatchPreparedStatementSetter() {
this.jdbcOperations.batchUpdate(this.insertEntry, new BatchPreparedStatementSetter() {
public int getBatchSize() {
return acl.getEntries().size();
}
@ -168,7 +168,8 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
protected void createObjectIdentity(ObjectIdentity object, Sid owner) {
Long sidId = createOrRetrieveSidPrimaryKey(owner, true);
Long classId = createOrRetrieveClassPrimaryKey(object.getType(), true, object.getIdentifier().getClass());
jdbcOperations.update(insertObjectIdentity, classId, object.getIdentifier().toString(), sidId, Boolean.TRUE);
this.jdbcOperations.update(this.insertObjectIdentity, classId, object.getIdentifier().toString(), sidId,
Boolean.TRUE);
}
/**
@ -179,7 +180,8 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
* @return the primary key or null if not found
*/
protected Long createOrRetrieveClassPrimaryKey(String type, boolean allowCreate, Class idType) {
List<Long> classIds = jdbcOperations.queryForList(selectClassPrimaryKey, new Object[] { type }, Long.class);
List<Long> classIds = this.jdbcOperations.queryForList(this.selectClassPrimaryKey, new Object[] { type },
Long.class);
if (!classIds.isEmpty()) {
return classIds.get(0);
@ -187,13 +189,13 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
if (allowCreate) {
if (!isAclClassIdSupported()) {
jdbcOperations.update(insertClass, type);
this.jdbcOperations.update(this.insertClass, type);
}
else {
jdbcOperations.update(insertClass, type, idType.getCanonicalName());
this.jdbcOperations.update(this.insertClass, type, idType.getCanonicalName());
}
Assert.isTrue(TransactionSynchronizationManager.isSynchronizationActive(), "Transaction must be running");
return jdbcOperations.queryForObject(classIdentityQuery, Long.class);
return this.jdbcOperations.queryForObject(this.classIdentityQuery, Long.class);
}
return null;
@ -238,17 +240,17 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
*/
protected Long createOrRetrieveSidPrimaryKey(String sidName, boolean sidIsPrincipal, boolean allowCreate) {
List<Long> sidIds = jdbcOperations.queryForList(selectSidPrimaryKey, new Object[] { sidIsPrincipal, sidName },
Long.class);
List<Long> sidIds = this.jdbcOperations.queryForList(this.selectSidPrimaryKey,
new Object[] { sidIsPrincipal, sidName }, Long.class);
if (!sidIds.isEmpty()) {
return sidIds.get(0);
}
if (allowCreate) {
jdbcOperations.update(insertSid, sidIsPrincipal, sidName);
this.jdbcOperations.update(this.insertSid, sidIsPrincipal, sidName);
Assert.isTrue(TransactionSynchronizationManager.isSynchronizationActive(), "Transaction must be running");
return jdbcOperations.queryForObject(sidIdentityQuery, Long.class);
return this.jdbcOperations.queryForObject(this.sidIdentityQuery, Long.class);
}
return null;
@ -267,7 +269,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
}
}
else {
if (!foreignKeysInDatabase) {
if (!this.foreignKeysInDatabase) {
// We need to perform a manual verification for what a FK would normally
// do
// We generally don't do this, in the interests of deadlock management
@ -288,7 +290,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
deleteObjectIdentity(oidPrimaryKey);
// Clear the cache
aclCache.evictFromCache(objectIdentity);
this.aclCache.evictFromCache(objectIdentity);
}
/**
@ -297,7 +299,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
* @param oidPrimaryKey the rows in acl_entry to delete
*/
protected void deleteEntries(Long oidPrimaryKey) {
jdbcOperations.update(deleteEntryByObjectIdentityForeignKey, oidPrimaryKey);
this.jdbcOperations.update(this.deleteEntryByObjectIdentityForeignKey, oidPrimaryKey);
}
/**
@ -310,7 +312,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
*/
protected void deleteObjectIdentity(Long oidPrimaryKey) {
// Delete the acl_object_identity row
jdbcOperations.update(deleteObjectIdentityByPrimaryKey, oidPrimaryKey);
this.jdbcOperations.update(this.deleteObjectIdentityByPrimaryKey, oidPrimaryKey);
}
/**
@ -322,7 +324,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
*/
protected Long retrieveObjectIdentityPrimaryKey(ObjectIdentity oid) {
try {
return jdbcOperations.queryForObject(selectObjectIdentityPrimaryKey, Long.class, oid.getType(),
return this.jdbcOperations.queryForObject(this.selectObjectIdentityPrimaryKey, Long.class, oid.getType(),
oid.getIdentifier().toString());
}
catch (DataAccessException notFound) {
@ -364,7 +366,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
clearCacheIncludingChildren(child);
}
}
aclCache.evictFromCache(objectIdentity);
this.aclCache.evictFromCache(objectIdentity);
}
/**
@ -388,7 +390,7 @@ public class JdbcMutableAclService extends JdbcAclService implements MutableAclS
Assert.notNull(acl.getOwner(), "Owner is required in this implementation");
Long ownerSid = createOrRetrieveSidPrimaryKey(acl.getOwner(), true);
int count = jdbcOperations.update(updateObjectIdentity, parentId, ownerSid, acl.isEntriesInheriting(),
int count = this.jdbcOperations.update(this.updateObjectIdentity, parentId, ownerSid, acl.isEntriesInheriting(),
acl.getId());
if (count != 1) {

2
acl/src/test/java/org/springframework/security/acls/TargetObjectWithUUID.java
View File

@ -27,7 +27,7 @@ public final class TargetObjectWithUUID {
private UUID id;
public UUID getId() {
return id;
return this.id;
}
public void setId(UUID id) {

10
acl/src/test/java/org/springframework/security/acls/domain/AclAuthorizationStrategyImplTests.java
View File

@ -46,9 +46,9 @@ public class AclAuthorizationStrategyImplTests {
@Before
public void setup() {
authority = new SimpleGrantedAuthority("ROLE_AUTH");
this.authority = new SimpleGrantedAuthority("ROLE_AUTH");
TestingAuthenticationToken authentication = new TestingAuthenticationToken("foo", "bar",
Arrays.asList(authority));
Arrays.asList(this.authority));
authentication.setAuthenticated(true);
SecurityContextHolder.getContext().setAuthentication(authentication);
}
@ -61,8 +61,8 @@ public class AclAuthorizationStrategyImplTests {
// gh-4085
@Test
public void securityCheckWhenCustomAuthorityThenNameIsUsed() {
strategy = new AclAuthorizationStrategyImpl(new CustomAuthority());
strategy.securityCheck(acl, AclAuthorizationStrategy.CHANGE_GENERAL);
this.strategy = new AclAuthorizationStrategyImpl(new CustomAuthority());
this.strategy.securityCheck(this.acl, AclAuthorizationStrategy.CHANGE_GENERAL);
}
@SuppressWarnings("serial")
@ -70,7 +70,7 @@ public class AclAuthorizationStrategyImplTests {
@Override
public String getAuthority() {
return authority.getAuthority();
return AclAuthorizationStrategyImplTests.this.authority.getAuthority();
}
}

98
acl/src/test/java/org/springframework/security/acls/domain/AclImplTests.java
View File

@ -83,12 +83,12 @@ public class AclImplTests {
@Before
public void setUp() {
SecurityContextHolder.getContext().setAuthentication(auth);
authzStrategy = mock(AclAuthorizationStrategy.class);
mockAuditLogger = mock(AuditLogger.class);
pgs = new DefaultPermissionGrantingStrategy(mockAuditLogger);
auth.setAuthenticated(true);
permissionFactory = new DefaultPermissionFactory();
SecurityContextHolder.getContext().setAuthentication(this.auth);
this.authzStrategy = mock(AclAuthorizationStrategy.class);
this.mockAuditLogger = mock(AuditLogger.class);
this.pgs = new DefaultPermissionGrantingStrategy(this.mockAuditLogger);
this.auth.setAuthenticated(true);
this.permissionFactory = new DefaultPermissionFactory();
}
@After
@ -99,41 +99,43 @@ public class AclImplTests {
@Test(expected = IllegalArgumentException.class)
public void constructorsRejectNullObjectIdentity() {
try {
new AclImpl(null, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
new AclImpl(null, 1, this.authzStrategy, this.pgs, null, null, true, new PrincipalSid("joe"));
fail("Should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
new AclImpl(null, 1, authzStrategy, mockAuditLogger);
new AclImpl(null, 1, this.authzStrategy, this.mockAuditLogger);
}
@Test(expected = IllegalArgumentException.class)
public void constructorsRejectNullId() {
try {
new AclImpl(objectIdentity, null, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
new AclImpl(this.objectIdentity, null, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
fail("Should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
new AclImpl(objectIdentity, null, authzStrategy, mockAuditLogger);
new AclImpl(this.objectIdentity, null, this.authzStrategy, this.mockAuditLogger);
}
@SuppressWarnings("deprecation")
@Test(expected = IllegalArgumentException.class)
public void constructorsRejectNullAclAuthzStrategy() {
try {
new AclImpl(objectIdentity, 1, null, new DefaultPermissionGrantingStrategy(mockAuditLogger), null, null,
true, new PrincipalSid("joe"));
new AclImpl(this.objectIdentity, 1, null, new DefaultPermissionGrantingStrategy(this.mockAuditLogger), null,
null, true, new PrincipalSid("joe"));
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
new AclImpl(objectIdentity, 1, null, mockAuditLogger);
new AclImpl(this.objectIdentity, 1, null, this.mockAuditLogger);
}
@Test
public void insertAceRejectsNullParameters() {
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
try {
acl.insertAce(0, null, new GrantedAuthoritySid("ROLE_IGNORED"), true);
fail("It should have thrown IllegalArgumentException");
@ -150,7 +152,8 @@ public class AclImplTests {
@Test
public void insertAceAddsElementAtCorrectIndex() {
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
MockAclService service = new MockAclService();
// Insert one permission
@ -186,7 +189,8 @@ public class AclImplTests {
@Test(expected = NotFoundException.class)
public void insertAceFailsForNonExistentElement() {
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
MockAclService service = new MockAclService();
// Insert one permission
@ -198,7 +202,8 @@ public class AclImplTests {
@Test
public void deleteAceKeepsInitialOrdering() {
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
MockAclService service = new MockAclService();
// Add several permissions
@ -233,7 +238,8 @@ public class AclImplTests {
AclAuthorizationStrategyImpl strategy = new AclAuthorizationStrategyImpl(
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
new SimpleGrantedAuthority("ROLE_GENERAL"));
MutableAcl acl = new AclImpl(objectIdentity, (1), strategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, (1), strategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
try {
acl.deleteAce(99);
fail("It should have thrown NotFoundException");
@ -244,7 +250,8 @@ public class AclImplTests {
@Test
public void isGrantingRejectsEmptyParameters() {
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
Sid ben = new PrincipalSid("ben");
try {
acl.isGranted(new ArrayList<>(0), Arrays.asList(ben), false);
@ -268,7 +275,8 @@ public class AclImplTests {
ObjectIdentity rootOid = new ObjectIdentityImpl(TARGET_CLASS, 100);
// Create an ACL which owner is not the authenticated principal
MutableAcl rootAcl = new AclImpl(rootOid, 1, authzStrategy, pgs, null, null, false, new PrincipalSid("joe"));
MutableAcl rootAcl = new AclImpl(rootOid, 1, this.authzStrategy, this.pgs, null, null, false,
new PrincipalSid("joe"));
// Grant some permissions
rootAcl.insertAce(0, BasePermission.READ, new PrincipalSid("ben"), false);
@ -314,11 +322,12 @@ public class AclImplTests {
// Create ACLs
PrincipalSid joe = new PrincipalSid("joe");
MutableAcl grandParentAcl = new AclImpl(grandParentOid, 1, authzStrategy, pgs, null, null, false, joe);
MutableAcl parentAcl1 = new AclImpl(parentOid1, 2, authzStrategy, pgs, null, null, true, joe);
MutableAcl parentAcl2 = new AclImpl(parentOid2, 3, authzStrategy, pgs, null, null, true, joe);
MutableAcl childAcl1 = new AclImpl(childOid1, 4, authzStrategy, pgs, null, null, true, joe);
MutableAcl childAcl2 = new AclImpl(childOid2, 4, authzStrategy, pgs, null, null, false, joe);
MutableAcl grandParentAcl = new AclImpl(grandParentOid, 1, this.authzStrategy, this.pgs, null, null, false,
joe);
MutableAcl parentAcl1 = new AclImpl(parentOid1, 2, this.authzStrategy, this.pgs, null, null, true, joe);
MutableAcl parentAcl2 = new AclImpl(parentOid2, 3, this.authzStrategy, this.pgs, null, null, true, joe);
MutableAcl childAcl1 = new AclImpl(childOid1, 4, this.authzStrategy, this.pgs, null, null, true, joe);
MutableAcl childAcl2 = new AclImpl(childOid2, 4, this.authzStrategy, this.pgs, null, null, false, joe);
// Create hierarchies
childAcl2.setParent(childAcl1);
@ -376,7 +385,8 @@ public class AclImplTests {
Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_GENERAL");
auth.setAuthenticated(true);
SecurityContextHolder.getContext().setAuthentication(auth);
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, false, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, false,
new PrincipalSid("joe"));
MockAclService service = new MockAclService();
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_USER_READ"), true);
@ -404,7 +414,8 @@ public class AclImplTests {
Authentication auth = new TestingAuthenticationToken("ben", "ignored", "ROLE_AUDITING", "ROLE_GENERAL");
auth.setAuthenticated(true);
SecurityContextHolder.getContext().setAuthentication(auth);
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, false, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, false,
new PrincipalSid("joe"));
MockAclService service = new MockAclService();
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_USER_READ"), true);
@ -432,8 +443,10 @@ public class AclImplTests {
SecurityContextHolder.getContext().setAuthentication(auth);
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, (100));
ObjectIdentity identity2 = new ObjectIdentityImpl(TARGET_CLASS, (101));
MutableAcl acl = new AclImpl(identity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl parentAcl = new AclImpl(identity2, 2, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
MutableAcl acl = new AclImpl(identity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
MutableAcl parentAcl = new AclImpl(identity2, 2, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
MockAclService service = new MockAclService();
acl.insertAce(0, BasePermission.READ, new GrantedAuthoritySid("ROLE_USER_READ"), true);
acl.insertAce(1, BasePermission.WRITE, new GrantedAuthoritySid("ROLE_USER_READ"), true);
@ -459,7 +472,7 @@ public class AclImplTests {
@Test
public void isSidLoadedBehavesAsExpected() {
List<Sid> loadedSids = Arrays.asList(new PrincipalSid("ben"), new GrantedAuthoritySid("ROLE_IGNORED"));
MutableAcl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, loadedSids, true,
MutableAcl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, loadedSids, true,
new PrincipalSid("joe"));
assertThat(acl.isSidLoaded(loadedSids)).isTrue();
@ -482,19 +495,22 @@ public class AclImplTests {
@Test(expected = NotFoundException.class)
public void insertAceRaisesNotFoundExceptionForIndexLessThanZero() {
AclImpl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
acl.insertAce(-1, mock(Permission.class), mock(Sid.class), true);
}
@Test(expected = NotFoundException.class)
public void deleteAceRaisesNotFoundExceptionForIndexLessThanZero() {
AclImpl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
acl.deleteAce(-1);
}
@Test(expected = NotFoundException.class)
public void insertAceRaisesNotFoundExceptionForIndexGreaterThanSize() {
AclImpl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
// Insert at zero, OK.
acl.insertAce(0, mock(Permission.class), mock(Sid.class), true);
// Size is now 1
@ -504,7 +520,8 @@ public class AclImplTests {
// SEC-1151
@Test(expected = NotFoundException.class)
public void deleteAceRaisesNotFoundExceptionForIndexEqualToSize() {
AclImpl acl = new AclImpl(objectIdentity, 1, authzStrategy, pgs, null, null, true, new PrincipalSid("joe"));
AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, this.pgs, null, null, true,
new PrincipalSid("joe"));
acl.insertAce(0, mock(Permission.class), mock(Sid.class), true);
// Size is now 1
acl.deleteAce(1);
@ -513,9 +530,9 @@ public class AclImplTests {
// SEC-1795
@Test
public void changingParentIsSuccessful() {
AclImpl parentAcl = new AclImpl(objectIdentity, 1L, authzStrategy, mockAuditLogger);
AclImpl childAcl = new AclImpl(objectIdentity, 2L, authzStrategy, mockAuditLogger);
AclImpl changeParentAcl = new AclImpl(objectIdentity, 3L, authzStrategy, mockAuditLogger);
AclImpl parentAcl = new AclImpl(this.objectIdentity, 1L, this.authzStrategy, this.mockAuditLogger);
AclImpl childAcl = new AclImpl(this.objectIdentity, 2L, this.authzStrategy, this.mockAuditLogger);
AclImpl changeParentAcl = new AclImpl(this.objectIdentity, 3L, this.authzStrategy, this.mockAuditLogger);
childAcl.setParent(parentAcl);
childAcl.setParent(changeParentAcl);
@ -524,10 +541,11 @@ public class AclImplTests {
// SEC-2342
@Test
public void maskPermissionGrantingStrategy() {
DefaultPermissionGrantingStrategy maskPgs = new MaskPermissionGrantingStrategy(mockAuditLogger);
DefaultPermissionGrantingStrategy maskPgs = new MaskPermissionGrantingStrategy(this.mockAuditLogger);
MockAclService service = new MockAclService();
AclImpl acl = new AclImpl(objectIdentity, 1, authzStrategy, maskPgs, null, null, true, new PrincipalSid("joe"));
Permission permission = permissionFactory
AclImpl acl = new AclImpl(this.objectIdentity, 1, this.authzStrategy, maskPgs, null, null, true,
new PrincipalSid("joe"));
Permission permission = this.permissionFactory
.buildFromMask(BasePermission.READ.getMask() | BasePermission.WRITE.getMask());
Sid sid = new PrincipalSid("ben");
acl.insertAce(0, permission, sid, true);

40
acl/src/test/java/org/springframework/security/acls/domain/AuditLoggerTests.java
View File

@ -46,52 +46,52 @@ public class AuditLoggerTests {
@Before
public void setUp() {
logger = new ConsoleAuditLogger();
ace = mock(AuditableAccessControlEntry.class);
console = System.out;
System.setOut(new PrintStream(bytes));
this.logger = new ConsoleAuditLogger();
this.ace = mock(AuditableAccessControlEntry.class);
this.console = System.out;
System.setOut(new PrintStream(this.bytes));
}
@After
public void tearDown() {
System.setOut(console);
bytes.reset();
System.setOut(this.console);
this.bytes.reset();
}
@Test
public void nonAuditableAceIsIgnored() {
AccessControlEntry ace = mock(AccessControlEntry.class);
logger.logIfNeeded(true, ace);
assertThat(bytes.size()).isZero();
this.logger.logIfNeeded(true, ace);
assertThat(this.bytes.size()).isZero();
}
@Test
public void successIsNotLoggedIfAceDoesntRequireSuccessAudit() {
when(ace.isAuditSuccess()).thenReturn(false);
logger.logIfNeeded(true, ace);
assertThat(bytes.size()).isZero();
when(this.ace.isAuditSuccess()).thenReturn(false);
this.logger.logIfNeeded(true, this.ace);
assertThat(this.bytes.size()).isZero();
}
@Test
public void successIsLoggedIfAceRequiresSuccessAudit() {
when(ace.isAuditSuccess()).thenReturn(true);
when(this.ace.isAuditSuccess()).thenReturn(true);
logger.logIfNeeded(true, ace);
assertThat(bytes.toString()).startsWith("GRANTED due to ACE");
this.logger.logIfNeeded(true, this.ace);
assertThat(this.bytes.toString()).startsWith("GRANTED due to ACE");
}
@Test
public void failureIsntLoggedIfAceDoesntRequireFailureAudit() {
when(ace.isAuditFailure()).thenReturn(false);
logger.logIfNeeded(false, ace);
assertThat(bytes.size()).isZero();
when(this.ace.isAuditFailure()).thenReturn(false);
this.logger.logIfNeeded(false, this.ace);
assertThat(this.bytes.size()).isZero();
}
@Test
public void failureIsLoggedIfAceRequiresFailureAudit() {
when(ace.isAuditFailure()).thenReturn(true);
logger.logIfNeeded(false, ace);
assertThat(bytes.toString()).startsWith("DENIED due to ACE");
when(this.ace.isAuditFailure()).thenReturn(true);
this.logger.logIfNeeded(false, this.ace);
assertThat(this.bytes.toString()).startsWith("DENIED due to ACE");
}
}

4
acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityImplTests.java
View File

@ -179,7 +179,7 @@ public class ObjectIdentityImplTests {
private Object id;
public Object getId() {
return id;
return this.id;
}
public void setId(Object id) {
@ -193,7 +193,7 @@ public class ObjectIdentityImplTests {
private Object id;
public Object getId() {
return id;
return this.id;
}
public void setId(Object id) {

2
acl/src/test/java/org/springframework/security/acls/domain/ObjectIdentityRetrievalStrategyImplTests.java
View File

@ -47,7 +47,7 @@ public class ObjectIdentityRetrievalStrategyImplTests {
private Object id;
public Object getId() {
return id;
return this.id;
}
public void setId(Object id) {

10
acl/src/test/java/org/springframework/security/acls/domain/PermissionTests.java
View File

@ -33,12 +33,12 @@ public class PermissionTests {
@Before
public void createPermissionfactory() {
permissionFactory = new DefaultPermissionFactory();
this.permissionFactory = new DefaultPermissionFactory();
}
@Test
public void basePermissionTest() {
Permission p = permissionFactory.buildFromName("WRITE");
Permission p = this.permissionFactory.buildFromName("WRITE");
assertThat(p).isNotNull();
}
@ -54,13 +54,13 @@ public class PermissionTests {
@Test
public void fromInteger() {
Permission permission = permissionFactory.buildFromMask(7);
permission = permissionFactory.buildFromMask(4);
Permission permission = this.permissionFactory.buildFromMask(7);
permission = this.permissionFactory.buildFromMask(4);
}
@Test
public void stringConversion() {
permissionFactory.registerPublicPermissions(SpecialPermission.class);
this.permissionFactory.registerPublicPermissions(SpecialPermission.class);
assertThat(BasePermission.READ.toString()).isEqualTo("BasePermission[...............................R=1]");

18
acl/src/test/java/org/springframework/security/acls/jdbc/AbstractBasicLookupStrategyTests.java
View File

@ -109,9 +109,9 @@ public abstract class AbstractBasicLookupStrategyTests {
@Before
public void initializeBeans() {
strategy = new BasicLookupStrategy(getDataSource(), aclCache(), aclAuthStrategy(),
this.strategy = new BasicLookupStrategy(getDataSource(), aclCache(), aclAuthStrategy(),
new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()));
strategy.setPermissionFactory(new DefaultPermissionFactory());
this.strategy.setPermissionFactory(new DefaultPermissionFactory());
}
protected AclAuthorizationStrategy aclAuthStrategy() {
@ -159,7 +159,7 @@ public abstract class AbstractBasicLookupStrategyTests {
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 102L);
// Objects were put in cache
strategy.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
this.strategy.readAclsById(Arrays.asList(topParentOid, middleParentOid, childOid), null);
// Let's empty the database to force acls retrieval from cache
emptyDatabase();
@ -299,8 +299,8 @@ public abstract class AbstractBasicLookupStrategyTests {
List<Sid> sids = Arrays.asList(BEN_SID);
List<ObjectIdentity> childOids = Arrays.asList(childOid);
strategy.setBatchSize(6);
Map<ObjectIdentity, Acl> foundAcls = strategy.readAclsById(childOids, sids);
this.strategy.setBatchSize(6);
Map<ObjectIdentity, Acl> foundAcls = this.strategy.readAclsById(childOids, sids);
Acl foundChildAcl = foundAcls.get(childOid);
assertThat(foundChildAcl).isNotNull();
@ -313,7 +313,7 @@ public abstract class AbstractBasicLookupStrategyTests {
// cache
List<ObjectIdentity> allOids = Arrays.asList(grandParentOid, parent1Oid, parent2Oid, childOid);
try {
foundAcls = strategy.readAclsById(allOids, sids);
foundAcls = this.strategy.readAclsById(allOids, sids);
}
catch (NotFoundException notExpected) {
@ -333,12 +333,12 @@ public abstract class AbstractBasicLookupStrategyTests {
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, 104L);
strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID));
this.strategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID));
}
@Test
public void testCreatePrincipalSid() {
Sid result = strategy.createSid(true, "sid");
Sid result = this.strategy.createSid(true, "sid");
assertThat(result.getClass()).isEqualTo(PrincipalSid.class);
assertThat(((PrincipalSid) result).getPrincipal()).isEqualTo("sid");
@ -346,7 +346,7 @@ public abstract class AbstractBasicLookupStrategyTests {
@Test
public void testCreateGrantedAuthority() {
Sid result = strategy.createSid(false, "sid");
Sid result = this.strategy.createSid(false, "sid");
assertThat(result.getClass()).isEqualTo(GrantedAuthoritySid.class);
assertThat(((GrantedAuthoritySid) result).getGrantedAuthority()).isEqualTo("sid");

40
acl/src/test/java/org/springframework/security/acls/jdbc/AclClassIdUtilsTests.java
View File

@ -56,13 +56,13 @@ public class AclClassIdUtilsTests {
@Before
public void setUp() {
aclClassIdUtils = new AclClassIdUtils();
this.aclClassIdUtils = new AclClassIdUtils();
}
@Test
public void shouldReturnLongIfIdentifierIsLong() throws SQLException {
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER);
@ -71,7 +71,7 @@ public class AclClassIdUtilsTests {
@Test
public void shouldReturnLongIfIdentifierIsBigInteger() throws SQLException {
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(BIGINT_IDENTIFIER, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(BIGINT_IDENTIFIER, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER);
@ -80,10 +80,10 @@ public class AclClassIdUtilsTests {
@Test
public void shouldReturnLongIfClassIdTypeIsNull() throws SQLException {
// given
given(resultSet.getString("class_id_type")).willReturn(null);
given(this.resultSet.getString("class_id_type")).willReturn(null);
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER);
@ -92,10 +92,10 @@ public class AclClassIdUtilsTests {
@Test
public void shouldReturnLongIfNoClassIdTypeColumn() throws SQLException {
// given
given(resultSet.getString("class_id_type")).willThrow(SQLException.class);
given(this.resultSet.getString("class_id_type")).willThrow(SQLException.class);
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER);
@ -104,10 +104,10 @@ public class AclClassIdUtilsTests {
@Test
public void shouldReturnLongIfTypeClassNotFound() throws SQLException {
// given
given(resultSet.getString("class_id_type")).willReturn("com.example.UnknownType");
given(this.resultSet.getString("class_id_type")).willReturn("com.example.UnknownType");
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER);
@ -116,12 +116,12 @@ public class AclClassIdUtilsTests {
@Test
public void shouldReturnLongEvenIfCustomConversionServiceDoesNotSupportLongConversion() throws SQLException {
// given
given(resultSet.getString("class_id_type")).willReturn("java.lang.Long");
given(conversionService.canConvert(String.class, Long.class)).willReturn(false);
aclClassIdUtils.setConversionService(conversionService);
given(this.resultSet.getString("class_id_type")).willReturn("java.lang.Long");
given(this.conversionService.canConvert(String.class, Long.class)).willReturn(false);
this.aclClassIdUtils.setConversionService(this.conversionService);
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER);
@ -130,10 +130,10 @@ public class AclClassIdUtilsTests {
@Test
public void shouldReturnLongWhenLongClassIdType() throws SQLException {
// given
given(resultSet.getString("class_id_type")).willReturn("java.lang.Long");
given(this.resultSet.getString("class_id_type")).willReturn("java.lang.Long");
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(DEFAULT_IDENTIFIER_AS_STRING, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(DEFAULT_IDENTIFIER);
@ -143,10 +143,10 @@ public class AclClassIdUtilsTests {
public void shouldReturnUUIDWhenUUIDClassIdType() throws SQLException {
// given
UUID identifier = UUID.randomUUID();
given(resultSet.getString("class_id_type")).willReturn("java.util.UUID");
given(this.resultSet.getString("class_id_type")).willReturn("java.util.UUID");
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(identifier.toString(), resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(identifier.toString(), this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(identifier);
@ -156,10 +156,10 @@ public class AclClassIdUtilsTests {
public void shouldReturnStringWhenStringClassIdType() throws SQLException {
// given
String identifier = "MY_STRING_IDENTIFIER";
given(resultSet.getString("class_id_type")).willReturn("java.lang.String");
given(this.resultSet.getString("class_id_type")).willReturn("java.lang.String");
// when
Serializable newIdentifier = aclClassIdUtils.identifierFrom(identifier, resultSet);
Serializable newIdentifier = this.aclClassIdUtils.identifierFrom(identifier, this.resultSet);
// then
assertThat(newIdentifier).isEqualTo(identifier);
@ -174,7 +174,7 @@ public class AclClassIdUtilsTests {
@Test(expected = IllegalArgumentException.class)
public void shouldNotAcceptNullConversionServiceInSetter() {
// when
aclClassIdUtils.setConversionService(null);
this.aclClassIdUtils.setConversionService(null);
}
}

14
acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyTestsDbHelper.java
View File

@ -50,7 +50,7 @@ public class BasicLookupStrategyTestsDbHelper {
// Use a different connection url so the tests can run in parallel
String connectionUrl;
String sqlClassPathResource;
if (!withAclClassIdType) {
if (!this.withAclClassIdType) {
connectionUrl = "jdbc:hsqldb:mem:lookupstrategytest";
sqlClassPathResource = ACL_SCHEMA_SQL_FILE;
}
@ -59,21 +59,21 @@ public class BasicLookupStrategyTestsDbHelper {
sqlClassPathResource = ACL_SCHEMA_SQL_FILE_WITH_ACL_CLASS_ID;
}
dataSource = new SingleConnectionDataSource(connectionUrl, "sa", "", true);
dataSource.setDriverClassName("org.hsqldb.jdbcDriver");
jdbcTemplate = new JdbcTemplate(dataSource);
this.dataSource = new SingleConnectionDataSource(connectionUrl, "sa", "", true);
this.dataSource.setDriverClassName("org.hsqldb.jdbcDriver");
this.jdbcTemplate = new JdbcTemplate(this.dataSource);
Resource resource = new ClassPathResource(sqlClassPathResource);
String sql = new String(FileCopyUtils.copyToByteArray(resource.getInputStream()));
jdbcTemplate.execute(sql);
this.jdbcTemplate.execute(sql);
}
public JdbcTemplate getJdbcTemplate() {
return jdbcTemplate;
return this.jdbcTemplate;
}
public SingleConnectionDataSource getDataSource() {
return dataSource;
return this.dataSource;
}
}

14
acl/src/test/java/org/springframework/security/acls/jdbc/BasicLookupStrategyWithAclClassTypeTests.java
View File

@ -70,11 +70,11 @@ public class BasicLookupStrategyWithAclClassTypeTests extends AbstractBasicLooku
@Before
public void initializeBeans() {
super.initializeBeans();
uuidEnabledStrategy = new BasicLookupStrategy(getDataSource(), aclCache(), aclAuthStrategy(),
this.uuidEnabledStrategy = new BasicLookupStrategy(getDataSource(), aclCache(), aclAuthStrategy(),
new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()));
uuidEnabledStrategy.setPermissionFactory(new DefaultPermissionFactory());
uuidEnabledStrategy.setAclClassIdSupported(true);
uuidEnabledStrategy.setConversionService(new DefaultConversionService());
this.uuidEnabledStrategy.setPermissionFactory(new DefaultPermissionFactory());
this.uuidEnabledStrategy.setAclClassIdSupported(true);
this.uuidEnabledStrategy.setConversionService(new DefaultConversionService());
}
@Before
@ -93,7 +93,7 @@ public class BasicLookupStrategyWithAclClassTypeTests extends AbstractBasicLooku
@Test
public void testReadObjectIdentityUsingUuidType() {
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, OBJECT_IDENTITY_UUID);
Map<ObjectIdentity, Acl> foundAcls = uuidEnabledStrategy.readAclsById(Arrays.asList(oid),
Map<ObjectIdentity, Acl> foundAcls = this.uuidEnabledStrategy.readAclsById(Arrays.asList(oid),
Arrays.asList(BEN_SID));
Assert.assertEquals(1, foundAcls.size());
Assert.assertNotNull(foundAcls.get(oid));
@ -102,7 +102,7 @@ public class BasicLookupStrategyWithAclClassTypeTests extends AbstractBasicLooku
@Test
public void testReadObjectIdentityUsingLongTypeWithConversionServiceEnabled() {
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, 100L);
Map<ObjectIdentity, Acl> foundAcls = uuidEnabledStrategy.readAclsById(Arrays.asList(oid),
Map<ObjectIdentity, Acl> foundAcls = this.uuidEnabledStrategy.readAclsById(Arrays.asList(oid),
Arrays.asList(BEN_SID));
Assert.assertEquals(1, foundAcls.size());
Assert.assertNotNull(foundAcls.get(oid));
@ -111,7 +111,7 @@ public class BasicLookupStrategyWithAclClassTypeTests extends AbstractBasicLooku
@Test(expected = ConversionFailedException.class)
public void testReadObjectIdentityUsingNonUuidInDatabase() {
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS_WITH_UUID, OBJECT_IDENTITY_LONG_AS_UUID);
uuidEnabledStrategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID));
this.uuidEnabledStrategy.readAclsById(Arrays.asList(oid), Arrays.asList(BEN_SID));
}
}

95
acl/src/test/java/org/springframework/security/acls/jdbc/EhCacheBasedAclCacheTests.java
View File

@ -78,7 +78,8 @@ public class EhCacheBasedAclCacheTests {
@Before
public void setup() {
myCache = new EhCacheBasedAclCache(cache, new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()),
this.myCache = new EhCacheBasedAclCache(this.cache,
new DefaultPermissionGrantingStrategy(new ConsoleAuditLogger()),
new AclAuthorizationStrategyImpl(new SimpleGrantedAuthority("ROLE_USER")));
ObjectIdentity identity = new ObjectIdentityImpl(TARGET_CLASS, 100L);
@ -86,7 +87,7 @@ public class EhCacheBasedAclCacheTests {
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
new SimpleGrantedAuthority("ROLE_GENERAL"));
acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, new ConsoleAuditLogger());
this.acl = new AclImpl(identity, 1L, aclAuthorizationStrategy, new ConsoleAuditLogger());
}
@After
@ -104,7 +105,7 @@ public class EhCacheBasedAclCacheTests {
public void methodsRejectNullParameters() {
try {
Serializable id = null;
myCache.evictFromCache(id);
this.myCache.evictFromCache(id);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -112,7 +113,7 @@ public class EhCacheBasedAclCacheTests {
try {
ObjectIdentity obj = null;
myCache.evictFromCache(obj);
this.myCache.evictFromCache(obj);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -120,7 +121,7 @@ public class EhCacheBasedAclCacheTests {
try {
Serializable id = null;
myCache.getFromCache(id);
this.myCache.getFromCache(id);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -128,7 +129,7 @@ public class EhCacheBasedAclCacheTests {
try {
ObjectIdentity obj = null;
myCache.getFromCache(obj);
this.myCache.getFromCache(obj);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -136,7 +137,7 @@ public class EhCacheBasedAclCacheTests {
try {
MutableAcl acl = null;
myCache.putInCache(acl);
this.myCache.putInCache(acl);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -150,7 +151,7 @@ public class EhCacheBasedAclCacheTests {
File file = File.createTempFile("SEC_TEST", ".object");
FileOutputStream fos = new FileOutputStream(file);
ObjectOutputStream oos = new ObjectOutputStream(fos);
oos.writeObject(acl);
oos.writeObject(this.acl);
oos.close();
FileInputStream fis = new FileInputStream(file);
@ -158,7 +159,7 @@ public class EhCacheBasedAclCacheTests {
MutableAcl retrieved = (MutableAcl) ois.readObject();
ois.close();
assertThat(retrieved).isEqualTo(acl);
assertThat(retrieved).isEqualTo(this.acl);
Object retrieved1 = FieldUtils.getProtectedFieldValue("aclAuthorizationStrategy", retrieved);
assertThat(retrieved1).isNull();
@ -169,20 +170,20 @@ public class EhCacheBasedAclCacheTests {
@Test
public void clearCache() {
myCache.clearCache();
this.myCache.clearCache();
verify(cache).removeAll();
verify(this.cache).removeAll();
}
@Test
public void putInCache() {
myCache.putInCache(acl);
this.myCache.putInCache(this.acl);
verify(cache, times(2)).put(element.capture());
assertThat(element.getValue().getKey()).isEqualTo(acl.getId());
assertThat(element.getValue().getObjectValue()).isEqualTo(acl);
assertThat(element.getAllValues().get(0).getKey()).isEqualTo(acl.getObjectIdentity());
assertThat(element.getAllValues().get(0).getObjectValue()).isEqualTo(acl);
verify(this.cache, times(2)).put(this.element.capture());
assertThat(this.element.getValue().getKey()).isEqualTo(this.acl.getId());
assertThat(this.element.getValue().getObjectValue()).isEqualTo(this.acl);
assertThat(this.element.getAllValues().get(0).getKey()).isEqualTo(this.acl.getObjectIdentity());
assertThat(this.element.getAllValues().get(0).getObjectValue()).isEqualTo(this.acl);
}
@Test
@ -196,13 +197,13 @@ public class EhCacheBasedAclCacheTests {
new SimpleGrantedAuthority("ROLE_OWNERSHIP"), new SimpleGrantedAuthority("ROLE_AUDITING"),
new SimpleGrantedAuthority("ROLE_GENERAL"));
MutableAcl parentAcl = new AclImpl(identityParent, 2L, aclAuthorizationStrategy, new ConsoleAuditLogger());
acl.setParent(parentAcl);
this.acl.setParent(parentAcl);
myCache.putInCache(acl);
this.myCache.putInCache(this.acl);
verify(cache, times(4)).put(element.capture());
verify(this.cache, times(4)).put(this.element.capture());
List<Element> allValues = element.getAllValues();
List<Element> allValues = this.element.getAllValues();
assertThat(allValues.get(0).getKey()).isEqualTo(parentAcl.getObjectIdentity());
assertThat(allValues.get(0).getObjectValue()).isEqualTo(parentAcl);
@ -210,30 +211,30 @@ public class EhCacheBasedAclCacheTests {
assertThat(allValues.get(1).getKey()).isEqualTo(parentAcl.getId());
assertThat(allValues.get(1).getObjectValue()).isEqualTo(parentAcl);
assertThat(allValues.get(2).getKey()).isEqualTo(acl.getObjectIdentity());
assertThat(allValues.get(2).getObjectValue()).isEqualTo(acl);
assertThat(allValues.get(2).getKey()).isEqualTo(this.acl.getObjectIdentity());
assertThat(allValues.get(2).getObjectValue()).isEqualTo(this.acl);
assertThat(allValues.get(3).getKey()).isEqualTo(acl.getId());
assertThat(allValues.get(3).getObjectValue()).isEqualTo(acl);
assertThat(allValues.get(3).getKey()).isEqualTo(this.acl.getId());
assertThat(allValues.get(3).getObjectValue()).isEqualTo(this.acl);
}
@Test
public void getFromCacheSerializable() {
when(cache.get(acl.getId())).thenReturn(new Element(acl.getId(), acl));
when(this.cache.get(this.acl.getId())).thenReturn(new Element(this.acl.getId(), this.acl));
assertThat(myCache.getFromCache(acl.getId())).isEqualTo(acl);
assertThat(this.myCache.getFromCache(this.acl.getId())).isEqualTo(this.acl);
}
@Test
public void getFromCacheSerializablePopulatesTransient() {
when(cache.get(acl.getId())).thenReturn(new Element(acl.getId(), acl));
when(this.cache.get(this.acl.getId())).thenReturn(new Element(this.acl.getId(), this.acl));
myCache.putInCache(acl);
this.myCache.putInCache(this.acl);
ReflectionTestUtils.setField(acl, "permissionGrantingStrategy", null);
ReflectionTestUtils.setField(acl, "aclAuthorizationStrategy", null);
ReflectionTestUtils.setField(this.acl, "permissionGrantingStrategy", null);
ReflectionTestUtils.setField(this.acl, "aclAuthorizationStrategy", null);
MutableAcl fromCache = myCache.getFromCache(acl.getId());
MutableAcl fromCache = this.myCache.getFromCache(this.acl.getId());
assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")).isNotNull();
assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")).isNotNull();
@ -241,21 +242,21 @@ public class EhCacheBasedAclCacheTests {
@Test
public void getFromCacheObjectIdentity() {
when(cache.get(acl.getId())).thenReturn(new Element(acl.getId(), acl));
when(this.cache.get(this.acl.getId())).thenReturn(new Element(this.acl.getId(), this.acl));
assertThat(myCache.getFromCache(acl.getId())).isEqualTo(acl);
assertThat(this.myCache.getFromCache(this.acl.getId())).isEqualTo(this.acl);
}
@Test
public void getFromCacheObjectIdentityPopulatesTransient() {
when(cache.get(acl.getObjectIdentity())).thenReturn(new Element(acl.getId(), acl));
when(this.cache.get(this.acl.getObjectIdentity())).thenReturn(new Element(this.acl.getId(), this.acl));
myCache.putInCache(acl);
this.myCache.putInCache(this.acl);
ReflectionTestUtils.setField(acl, "permissionGrantingStrategy", null);
ReflectionTestUtils.setField(acl, "aclAuthorizationStrategy", null);
ReflectionTestUtils.setField(this.acl, "permissionGrantingStrategy", null);
ReflectionTestUtils.setField(this.acl, "aclAuthorizationStrategy", null);
MutableAcl fromCache = myCache.getFromCache(acl.getObjectIdentity());
MutableAcl fromCache = this.myCache.getFromCache(this.acl.getObjectIdentity());
assertThat(ReflectionTestUtils.getField(fromCache, "aclAuthorizationStrategy")).isNotNull();
assertThat(ReflectionTestUtils.getField(fromCache, "permissionGrantingStrategy")).isNotNull();
@ -263,22 +264,22 @@ public class EhCacheBasedAclCacheTests {
@Test
public void evictCacheSerializable() {
when(cache.get(acl.getObjectIdentity())).thenReturn(new Element(acl.getId(), acl));
when(this.cache.get(this.acl.getObjectIdentity())).thenReturn(new Element(this.acl.getId(), this.acl));
myCache.evictFromCache(acl.getObjectIdentity());
this.myCache.evictFromCache(this.acl.getObjectIdentity());
verify(cache).remove(acl.getId());
verify(cache).remove(acl.getObjectIdentity());
verify(this.cache).remove(this.acl.getId());
verify(this.cache).remove(this.acl.getObjectIdentity());
}
@Test
public void evictCacheObjectIdentity() {
when(cache.get(acl.getId())).thenReturn(new Element(acl.getId(), acl));
when(this.cache.get(this.acl.getId())).thenReturn(new Element(this.acl.getId(), this.acl));
myCache.evictFromCache(acl.getId());
this.myCache.evictFromCache(this.acl.getId());
verify(cache).remove(acl.getId());
verify(cache).remove(acl.getObjectIdentity());
verify(this.cache).remove(this.acl.getId());
verify(this.cache).remove(this.acl.getObjectIdentity());
}
}

36
acl/src/test/java/org/springframework/security/acls/jdbc/JdbcAclServiceTests.java
View File

@ -74,30 +74,30 @@ public class JdbcAclServiceTests {
@Before
public void setUp() {
aclService = new JdbcAclService(jdbcOperations, lookupStrategy);
aclServiceIntegration = new JdbcAclService(embeddedDatabase, lookupStrategy);
this.aclService = new JdbcAclService(this.jdbcOperations, this.lookupStrategy);
this.aclServiceIntegration = new JdbcAclService(this.embeddedDatabase, this.lookupStrategy);
}
@Before
public void setUpEmbeddedDatabase() {
embeddedDatabase = new EmbeddedDatabaseBuilder()//
this.embeddedDatabase = new EmbeddedDatabaseBuilder()//
.addScript("createAclSchemaWithAclClassIdType.sql").addScript("db/sql/test_data_hierarchy.sql").build();
}
@After
public void tearDownEmbeddedDatabase() {
embeddedDatabase.shutdown();
this.embeddedDatabase.shutdown();
}
// SEC-1898
@Test(expected = NotFoundException.class)
public void readAclByIdMissingAcl() {
Map<ObjectIdentity, Acl> result = new HashMap<>();
when(lookupStrategy.readAclsById(anyList(), anyList())).thenReturn(result);
when(this.lookupStrategy.readAclsById(anyList(), anyList())).thenReturn(result);
ObjectIdentity objectIdentity = new ObjectIdentityImpl(Object.class, 1);
List<Sid> sids = Arrays.<Sid>asList(new PrincipalSid("user"));
aclService.readAclById(objectIdentity, sids);
this.aclService.readAclById(objectIdentity, sids);
}
@Test
@ -105,10 +105,10 @@ public class JdbcAclServiceTests {
List<ObjectIdentity> result = new ArrayList<>();
result.add(new ObjectIdentityImpl(Object.class, "5577"));
Object[] args = { "1", "org.springframework.security.acls.jdbc.JdbcAclServiceTests$MockLongIdDomainObject" };
when(jdbcOperations.query(anyString(), aryEq(args), any(RowMapper.class))).thenReturn(result);
when(this.jdbcOperations.query(anyString(), aryEq(args), any(RowMapper.class))).thenReturn(result);
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 1L);
List<ObjectIdentity> objectIdentities = aclService.findChildren(objectIdentity);
List<ObjectIdentity> objectIdentities = this.aclService.findChildren(objectIdentity);
assertThat(objectIdentities.size()).isEqualTo(1);
assertThat(objectIdentities.get(0).getIdentifier()).isEqualTo("5577");
}
@ -117,7 +117,7 @@ public class JdbcAclServiceTests {
public void findNoChildren() {
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 1L);
List<ObjectIdentity> objectIdentities = aclService.findChildren(objectIdentity);
List<ObjectIdentity> objectIdentities = this.aclService.findChildren(objectIdentity);
assertThat(objectIdentities).isNull();
}
@ -125,7 +125,7 @@ public class JdbcAclServiceTests {
public void findChildrenWithoutIdType() {
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockLongIdDomainObject.class, 4711L);
List<ObjectIdentity> objectIdentities = aclServiceIntegration.findChildren(objectIdentity);
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
assertThat(objectIdentities.size()).isEqualTo(1);
assertThat(objectIdentities.get(0).getType()).isEqualTo(MockUntypedIdDomainObject.class.getName());
assertThat(objectIdentities.get(0).getIdentifier()).isEqualTo(5000L);
@ -135,7 +135,7 @@ public class JdbcAclServiceTests {
public void findChildrenForUnknownObject() {
ObjectIdentity objectIdentity = new ObjectIdentityImpl(Object.class, 33);
List<ObjectIdentity> objectIdentities = aclServiceIntegration.findChildren(objectIdentity);
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
assertThat(objectIdentities).isNull();
}
@ -143,7 +143,7 @@ public class JdbcAclServiceTests {
public void findChildrenOfIdTypeLong() {
ObjectIdentity objectIdentity = new ObjectIdentityImpl("location", "US-PAL");
List<ObjectIdentity> objectIdentities = aclServiceIntegration.findChildren(objectIdentity);
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
assertThat(objectIdentities.size()).isEqualTo(2);
assertThat(objectIdentities.get(0).getType()).isEqualTo(MockLongIdDomainObject.class.getName());
assertThat(objectIdentities.get(0).getIdentifier()).isEqualTo(4711L);
@ -155,8 +155,8 @@ public class JdbcAclServiceTests {
public void findChildrenOfIdTypeString() {
ObjectIdentity objectIdentity = new ObjectIdentityImpl("location", "US");
aclServiceIntegration.setAclClassIdSupported(true);
List<ObjectIdentity> objectIdentities = aclServiceIntegration.findChildren(objectIdentity);
this.aclServiceIntegration.setAclClassIdSupported(true);
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
assertThat(objectIdentities.size()).isEqualTo(1);
assertThat(objectIdentities.get(0).getType()).isEqualTo("location");
assertThat(objectIdentities.get(0).getIdentifier()).isEqualTo("US-PAL");
@ -166,8 +166,8 @@ public class JdbcAclServiceTests {
public void findChildrenOfIdTypeUUID() {
ObjectIdentity objectIdentity = new ObjectIdentityImpl(MockUntypedIdDomainObject.class, 5000L);
aclServiceIntegration.setAclClassIdSupported(true);
List<ObjectIdentity> objectIdentities = aclServiceIntegration.findChildren(objectIdentity);
this.aclServiceIntegration.setAclClassIdSupported(true);
List<ObjectIdentity> objectIdentities = this.aclServiceIntegration.findChildren(objectIdentity);
assertThat(objectIdentities.size()).isEqualTo(1);
assertThat(objectIdentities.get(0).getType()).isEqualTo("costcenter");
assertThat(objectIdentities.get(0).getIdentifier())
@ -179,7 +179,7 @@ public class JdbcAclServiceTests {
private Object id;
public Object getId() {
return id;
return this.id;
}
public void setId(Object id) {
@ -193,7 +193,7 @@ public class JdbcAclServiceTests {
private Object id;
public Object getId() {
return id;
return this.id;
}
public void setId(Object id) {

176
acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTests.java
View File

@ -99,15 +99,15 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
}
protected ObjectIdentity getTopParentOid() {
return topParentOid;
return this.topParentOid;
}
protected ObjectIdentity getMiddleParentOid() {
return middleParentOid;
return this.middleParentOid;
}
protected ObjectIdentity getChildOid() {
return childOid;
return this.childOid;
}
protected String getTargetClass() {
@ -117,7 +117,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@BeforeTransaction
public void createTables() throws Exception {
try {
new DatabaseSeeder(dataSource, new ClassPathResource(getSqlClassPathResource()));
new DatabaseSeeder(this.dataSource, new ClassPathResource(getSqlClassPathResource()));
// new DatabaseSeeder(dataSource, new
// ClassPathResource("createAclSchemaPostgres.sql"));
}
@ -130,39 +130,39 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@AfterTransaction
public void clearContextAndData() {
SecurityContextHolder.clearContext();
jdbcTemplate.execute("drop table acl_entry");
jdbcTemplate.execute("drop table acl_object_identity");
jdbcTemplate.execute("drop table acl_class");
jdbcTemplate.execute("drop table acl_sid");
aclCache.clearCache();
this.jdbcTemplate.execute("drop table acl_entry");
this.jdbcTemplate.execute("drop table acl_object_identity");
this.jdbcTemplate.execute("drop table acl_class");
this.jdbcTemplate.execute("drop table acl_sid");
this.aclCache.clearCache();
}
@Test
@Transactional
public void testLifecycle() {
SecurityContextHolder.getContext().setAuthentication(auth);
SecurityContextHolder.getContext().setAuthentication(this.auth);
MutableAcl topParent = jdbcMutableAclService.createAcl(getTopParentOid());
MutableAcl middleParent = jdbcMutableAclService.createAcl(getMiddleParentOid());
MutableAcl child = jdbcMutableAclService.createAcl(getChildOid());
MutableAcl topParent = this.jdbcMutableAclService.createAcl(getTopParentOid());
MutableAcl middleParent = this.jdbcMutableAclService.createAcl(getMiddleParentOid());
MutableAcl child = this.jdbcMutableAclService.createAcl(getChildOid());
// Specify the inheritance hierarchy
middleParent.setParent(topParent);
child.setParent(middleParent);
// Now let's add a couple of permissions
topParent.insertAce(0, BasePermission.READ, new PrincipalSid(auth), true);
topParent.insertAce(1, BasePermission.WRITE, new PrincipalSid(auth), false);
middleParent.insertAce(0, BasePermission.DELETE, new PrincipalSid(auth), true);
child.insertAce(0, BasePermission.DELETE, new PrincipalSid(auth), false);
topParent.insertAce(0, BasePermission.READ, new PrincipalSid(this.auth), true);
topParent.insertAce(1, BasePermission.WRITE, new PrincipalSid(this.auth), false);
middleParent.insertAce(0, BasePermission.DELETE, new PrincipalSid(this.auth), true);
child.insertAce(0, BasePermission.DELETE, new PrincipalSid(this.auth), false);
// Explicitly save the changed ACL
jdbcMutableAclService.updateAcl(topParent);
jdbcMutableAclService.updateAcl(middleParent);
jdbcMutableAclService.updateAcl(child);
this.jdbcMutableAclService.updateAcl(topParent);
this.jdbcMutableAclService.updateAcl(middleParent);
this.jdbcMutableAclService.updateAcl(child);
// Let's check if we can read them back correctly
Map<ObjectIdentity, Acl> map = jdbcMutableAclService
Map<ObjectIdentity, Acl> map = this.jdbcMutableAclService
.readAclsById(Arrays.asList(getTopParentOid(), getMiddleParentOid(), getChildOid()));
assertThat(map).hasSize(3);
@ -190,7 +190,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
List<Permission> read = Arrays.asList(BasePermission.READ);
List<Permission> write = Arrays.asList(BasePermission.WRITE);
List<Permission> delete = Arrays.asList(BasePermission.DELETE);
List<Sid> pSid = Arrays.asList((Sid) new PrincipalSid(auth));
List<Sid> pSid = Arrays.asList((Sid) new PrincipalSid(this.auth));
assertThat(topParent.isGranted(read, pSid, false)).isTrue();
assertThat(topParent.isGranted(write, pSid, false)).isFalse();
@ -212,8 +212,8 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
// Next change the child so it doesn't inherit permissions from above
child.setEntriesInheriting(false);
jdbcMutableAclService.updateAcl(child);
child = (MutableAcl) jdbcMutableAclService.readAclById(getChildOid());
this.jdbcMutableAclService.updateAcl(child);
child = (MutableAcl) this.jdbcMutableAclService.readAclById(getChildOid());
assertThat(child.isEntriesInheriting()).isFalse();
// Check the child permissions no longer inherit
@ -237,14 +237,14 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
// Let's add an identical permission to the child, but it'll appear AFTER the
// current permission, so has no impact
child.insertAce(1, BasePermission.DELETE, new PrincipalSid(auth), true);
child.insertAce(1, BasePermission.DELETE, new PrincipalSid(this.auth), true);
// Let's also add another permission to the child
child.insertAce(2, BasePermission.CREATE, new PrincipalSid(auth), true);
child.insertAce(2, BasePermission.CREATE, new PrincipalSid(this.auth), true);
// Save the changed child
jdbcMutableAclService.updateAcl(child);
child = (MutableAcl) jdbcMutableAclService.readAclById(getChildOid());
this.jdbcMutableAclService.updateAcl(child);
child = (MutableAcl) this.jdbcMutableAclService.readAclById(getChildOid());
assertThat(child.getEntries()).hasSize(3);
// Output permissions
@ -262,7 +262,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
// non-granting
AccessControlEntry entry = child.getEntries().get(0);
assertThat(entry.getPermission().getMask()).isEqualTo(BasePermission.DELETE.getMask());
assertThat(entry.getSid()).isEqualTo(new PrincipalSid(auth));
assertThat(entry.getSid()).isEqualTo(new PrincipalSid(this.auth));
assertThat(entry.isGranting()).isFalse();
assertThat(entry.getId()).isNotNull();
@ -270,7 +270,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
child.deleteAce(0);
// Save and check it worked
child = jdbcMutableAclService.updateAcl(child);
child = this.jdbcMutableAclService.updateAcl(child);
assertThat(child.getEntries()).hasSize(2);
assertThat(child.isGranted(delete, pSid, false)).isTrue();
@ -283,38 +283,38 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Test
@Transactional
public void deleteAclAlsoDeletesChildren() {
SecurityContextHolder.getContext().setAuthentication(auth);
SecurityContextHolder.getContext().setAuthentication(this.auth);
jdbcMutableAclService.createAcl(getTopParentOid());
MutableAcl middleParent = jdbcMutableAclService.createAcl(getMiddleParentOid());
MutableAcl child = jdbcMutableAclService.createAcl(getChildOid());
this.jdbcMutableAclService.createAcl(getTopParentOid());
MutableAcl middleParent = this.jdbcMutableAclService.createAcl(getMiddleParentOid());
MutableAcl child = this.jdbcMutableAclService.createAcl(getChildOid());
child.setParent(middleParent);
jdbcMutableAclService.updateAcl(middleParent);
jdbcMutableAclService.updateAcl(child);
this.jdbcMutableAclService.updateAcl(middleParent);
this.jdbcMutableAclService.updateAcl(child);
// Check the childOid really is a child of middleParentOid
Acl childAcl = jdbcMutableAclService.readAclById(getChildOid());
Acl childAcl = this.jdbcMutableAclService.readAclById(getChildOid());
assertThat(childAcl.getParentAcl().getObjectIdentity()).isEqualTo(getMiddleParentOid());
// Delete the mid-parent and test if the child was deleted, as well
jdbcMutableAclService.deleteAcl(getMiddleParentOid(), true);
this.jdbcMutableAclService.deleteAcl(getMiddleParentOid(), true);
try {
jdbcMutableAclService.readAclById(getMiddleParentOid());
this.jdbcMutableAclService.readAclById(getMiddleParentOid());
fail("It should have thrown NotFoundException");
}
catch (NotFoundException expected) {
}
try {
jdbcMutableAclService.readAclById(getChildOid());
this.jdbcMutableAclService.readAclById(getChildOid());
fail("It should have thrown NotFoundException");
}
catch (NotFoundException expected) {
}
Acl acl = jdbcMutableAclService.readAclById(getTopParentOid());
Acl acl = this.jdbcMutableAclService.readAclById(getTopParentOid());
assertThat(acl).isNotNull();
assertThat(getTopParentOid()).isEqualTo(acl.getObjectIdentity());
}
@ -322,21 +322,21 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Test
public void constructorRejectsNullParameters() {
try {
new JdbcMutableAclService(null, lookupStrategy, aclCache);
new JdbcMutableAclService(null, this.lookupStrategy, this.aclCache);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
try {
new JdbcMutableAclService(dataSource, null, aclCache);
new JdbcMutableAclService(this.dataSource, null, this.aclCache);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
try {
new JdbcMutableAclService(dataSource, lookupStrategy, null);
new JdbcMutableAclService(this.dataSource, this.lookupStrategy, null);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -346,7 +346,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Test
public void createAclRejectsNullParameter() {
try {
jdbcMutableAclService.createAcl(null);
this.jdbcMutableAclService.createAcl(null);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -356,12 +356,12 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Test
@Transactional
public void createAclForADuplicateDomainObject() {
SecurityContextHolder.getContext().setAuthentication(auth);
SecurityContextHolder.getContext().setAuthentication(this.auth);
ObjectIdentity duplicateOid = new ObjectIdentityImpl(TARGET_CLASS, 100L);
jdbcMutableAclService.createAcl(duplicateOid);
this.jdbcMutableAclService.createAcl(duplicateOid);
// Try to add the same object second time
try {
jdbcMutableAclService.createAcl(duplicateOid);
this.jdbcMutableAclService.createAcl(duplicateOid);
fail("It should have thrown AlreadyExistsException");
}
catch (AlreadyExistsException expected) {
@ -372,7 +372,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Transactional
public void deleteAclRejectsNullParameters() {
try {
jdbcMutableAclService.deleteAcl(null, true);
this.jdbcMutableAclService.deleteAcl(null, true);
fail("It should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -382,25 +382,25 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Test
@Transactional
public void deleteAclWithChildrenThrowsException() {
SecurityContextHolder.getContext().setAuthentication(auth);
MutableAcl parent = jdbcMutableAclService.createAcl(getTopParentOid());
MutableAcl child = jdbcMutableAclService.createAcl(getMiddleParentOid());
SecurityContextHolder.getContext().setAuthentication(this.auth);
MutableAcl parent = this.jdbcMutableAclService.createAcl(getTopParentOid());
MutableAcl child = this.jdbcMutableAclService.createAcl(getMiddleParentOid());
// Specify the inheritance hierarchy
child.setParent(parent);
jdbcMutableAclService.updateAcl(child);
this.jdbcMutableAclService.updateAcl(child);
try {
jdbcMutableAclService.setForeignKeysInDatabase(false); // switch on FK
this.jdbcMutableAclService.setForeignKeysInDatabase(false); // switch on FK
// checking in the
// class, not database
jdbcMutableAclService.deleteAcl(getTopParentOid(), false);
this.jdbcMutableAclService.deleteAcl(getTopParentOid(), false);
fail("It should have thrown ChildrenExistException");
}
catch (ChildrenExistException expected) {
}
finally {
jdbcMutableAclService.setForeignKeysInDatabase(true); // restore to the
this.jdbcMutableAclService.setForeignKeysInDatabase(true); // restore to the
// default
}
}
@ -408,31 +408,31 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Test
@Transactional
public void deleteAclRemovesRowsFromDatabase() {
SecurityContextHolder.getContext().setAuthentication(auth);
MutableAcl child = jdbcMutableAclService.createAcl(getChildOid());
child.insertAce(0, BasePermission.DELETE, new PrincipalSid(auth), false);
jdbcMutableAclService.updateAcl(child);
SecurityContextHolder.getContext().setAuthentication(this.auth);
MutableAcl child = this.jdbcMutableAclService.createAcl(getChildOid());
child.insertAce(0, BasePermission.DELETE, new PrincipalSid(this.auth), false);
this.jdbcMutableAclService.updateAcl(child);
// Remove the child and check all related database rows were removed accordingly
jdbcMutableAclService.deleteAcl(getChildOid(), false);
assertThat(jdbcTemplate.queryForList(SELECT_ALL_CLASSES, new Object[] { getTargetClass() })).hasSize(1);
assertThat(jdbcTemplate.queryForList("select * from acl_object_identity")).isEmpty();
assertThat(jdbcTemplate.queryForList("select * from acl_entry")).isEmpty();
this.jdbcMutableAclService.deleteAcl(getChildOid(), false);
assertThat(this.jdbcTemplate.queryForList(SELECT_ALL_CLASSES, new Object[] { getTargetClass() })).hasSize(1);
assertThat(this.jdbcTemplate.queryForList("select * from acl_object_identity")).isEmpty();
assertThat(this.jdbcTemplate.queryForList("select * from acl_entry")).isEmpty();
// Check the cache
assertThat(aclCache.getFromCache(getChildOid())).isNull();
assertThat(aclCache.getFromCache(102L)).isNull();
assertThat(this.aclCache.getFromCache(getChildOid())).isNull();
assertThat(this.aclCache.getFromCache(102L)).isNull();
}
/** SEC-1107 */
@Test
@Transactional
public void identityWithIntegerIdIsSupportedByCreateAcl() {
SecurityContextHolder.getContext().setAuthentication(auth);
SecurityContextHolder.getContext().setAuthentication(this.auth);
ObjectIdentity oid = new ObjectIdentityImpl(TARGET_CLASS, 101);
jdbcMutableAclService.createAcl(oid);
this.jdbcMutableAclService.createAcl(oid);
assertThat(jdbcMutableAclService.readAclById(new ObjectIdentityImpl(TARGET_CLASS, 101L))).isNotNull();
assertThat(this.jdbcMutableAclService.readAclById(new ObjectIdentityImpl(TARGET_CLASS, 101L))).isNotNull();
}
/**
@ -448,21 +448,21 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
ObjectIdentity parentOid = new ObjectIdentityImpl(TARGET_CLASS, 104L);
ObjectIdentity childOid = new ObjectIdentityImpl(TARGET_CLASS, 105L);
MutableAcl parent = jdbcMutableAclService.createAcl(parentOid);
MutableAcl child = jdbcMutableAclService.createAcl(childOid);
MutableAcl parent = this.jdbcMutableAclService.createAcl(parentOid);
MutableAcl child = this.jdbcMutableAclService.createAcl(childOid);
child.setParent(parent);
jdbcMutableAclService.updateAcl(child);
this.jdbcMutableAclService.updateAcl(child);
parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid);
parent = (AclImpl) this.jdbcMutableAclService.readAclById(parentOid);
parent.insertAce(0, BasePermission.READ, new PrincipalSid("ben"), true);
jdbcMutableAclService.updateAcl(parent);
this.jdbcMutableAclService.updateAcl(parent);
parent = (AclImpl) jdbcMutableAclService.readAclById(parentOid);
parent = (AclImpl) this.jdbcMutableAclService.readAclById(parentOid);
parent.insertAce(1, BasePermission.READ, new PrincipalSid("scott"), true);
jdbcMutableAclService.updateAcl(parent);
this.jdbcMutableAclService.updateAcl(parent);
child = (MutableAcl) jdbcMutableAclService.readAclById(childOid);
child = (MutableAcl) this.jdbcMutableAclService.readAclById(childOid);
parent = (MutableAcl) child.getParentAcl();
assertThat(parent.getEntries()).hasSize(2)
@ -483,18 +483,18 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
SecurityContextHolder.getContext().setAuthentication(auth);
ObjectIdentityImpl rootObject = new ObjectIdentityImpl(TARGET_CLASS, 1L);
MutableAcl parent = jdbcMutableAclService.createAcl(rootObject);
MutableAcl child = jdbcMutableAclService.createAcl(new ObjectIdentityImpl(TARGET_CLASS, 2L));
MutableAcl parent = this.jdbcMutableAclService.createAcl(rootObject);
MutableAcl child = this.jdbcMutableAclService.createAcl(new ObjectIdentityImpl(TARGET_CLASS, 2L));
child.setParent(parent);
jdbcMutableAclService.updateAcl(child);
this.jdbcMutableAclService.updateAcl(child);
parent.insertAce(0, BasePermission.ADMINISTRATION, new GrantedAuthoritySid("ROLE_ADMINISTRATOR"), true);
jdbcMutableAclService.updateAcl(parent);
this.jdbcMutableAclService.updateAcl(parent);
parent.insertAce(1, BasePermission.DELETE, new PrincipalSid("terry"), true);
jdbcMutableAclService.updateAcl(parent);
this.jdbcMutableAclService.updateAcl(parent);
child = (MutableAcl) jdbcMutableAclService.readAclById(new ObjectIdentityImpl(TARGET_CLASS, 2L));
child = (MutableAcl) this.jdbcMutableAclService.readAclById(new ObjectIdentityImpl(TARGET_CLASS, 2L));
parent = (MutableAcl) child.getParentAcl();
@ -513,7 +513,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
SecurityContextHolder.getContext().setAuthentication(auth);
ObjectIdentity topParentOid = new ObjectIdentityImpl(TARGET_CLASS, 110L);
MutableAcl topParent = jdbcMutableAclService.createAcl(topParentOid);
MutableAcl topParent = this.jdbcMutableAclService.createAcl(topParentOid);
// Add an ACE permission entry
Permission cm = new CumulativePermission().set(BasePermission.READ).set(BasePermission.ADMINISTRATION);
@ -523,7 +523,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
assertThat(topParent.getEntries()).hasSize(1);
// Explicitly save the changed ACL
topParent = jdbcMutableAclService.updateAcl(topParent);
topParent = this.jdbcMutableAclService.updateAcl(topParent);
// Check the mask was retrieved correctly
assertThat(topParent.getEntries().get(0).getPermission().getMask()).isEqualTo(17);
@ -535,7 +535,7 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
@Test
public void testProcessingCustomSid() {
CustomJdbcMutableAclService customJdbcMutableAclService = spy(
new CustomJdbcMutableAclService(dataSource, lookupStrategy, aclCache));
new CustomJdbcMutableAclService(this.dataSource, this.lookupStrategy, this.aclCache));
CustomSid customSid = new CustomSid("Custom sid");
when(customJdbcMutableAclService.createOrRetrieveSidPrimaryKey("Custom sid", false, false)).thenReturn(1L);
@ -574,11 +574,11 @@ public class JdbcMutableAclServiceTests extends AbstractTransactionalJUnit4Sprin
}
protected Authentication getAuth() {
return auth;
return this.auth;
}
protected JdbcMutableAclService getJdbcMutableAclService() {
return jdbcMutableAclService;
return this.jdbcMutableAclService;
}
}

6
acl/src/test/java/org/springframework/security/acls/jdbc/JdbcMutableAclServiceTestsWithAclClassId.java
View File

@ -52,17 +52,17 @@ public class JdbcMutableAclServiceTestsWithAclClassId extends JdbcMutableAclServ
@Override
protected ObjectIdentity getTopParentOid() {
return topParentOid;
return this.topParentOid;
}
@Override
protected ObjectIdentity getMiddleParentOid() {
return middleParentOid;
return this.middleParentOid;
}
@Override
protected ObjectIdentity getChildOid() {
return childOid;
return this.childOid;
}
@Override

2
acl/src/test/java/org/springframework/security/acls/sid/CustomSid.java
View File

@ -31,7 +31,7 @@ public class CustomSid implements Sid {
}
public String getSid() {
return sid;
return this.sid;
}
public void setSid(String sid) {

4
acl/src/test/java/org/springframework/security/acls/sid/SidRetrievalStrategyTests.java
View File

@ -48,7 +48,7 @@ public class SidRetrievalStrategyTests {
@Test
public void correctSidsAreRetrieved() {
SidRetrievalStrategy retrStrategy = new SidRetrievalStrategyImpl();
List<Sid> sids = retrStrategy.getSids(authentication);
List<Sid> sids = retrStrategy.getSids(this.authentication);
assertThat(sids).isNotNull();
assertThat(sids).hasSize(4);
@ -72,7 +72,7 @@ public class SidRetrievalStrategyTests {
when(rh.getReachableGrantedAuthorities(anyCollection())).thenReturn(rhAuthorities);
SidRetrievalStrategy strat = new SidRetrievalStrategyImpl(rh);
List<Sid> sids = strat.getSids(authentication);
List<Sid> sids = strat.getSids(this.authentication);
assertThat(sids).hasSize(2);
assertThat(sids.get(0)).isNotNull();
assertThat(sids.get(0) instanceof PrincipalSid).isTrue();

4
acl/src/test/java/org/springframework/security/acls/sid/SidTests.java
View File

@ -249,7 +249,7 @@ public class SidTests {
@Override
public String getName() {
return principal.getName();
return this.principal.getName();
}
}
@ -263,7 +263,7 @@ public class SidTests {
}
String getName() {
return name;
return this.name;
}
}

46
aspects/src/test/java/org/springframework/security/access/intercept/aspectj/aspect/AnnotationSecurityAspectTests.java
View File

@ -75,15 +75,15 @@ public class AnnotationSecurityAspectTests {
@Before
public final void setUp() {
MockitoAnnotations.initMocks(this);
interceptor = new AspectJMethodSecurityInterceptor();
this.interceptor = new AspectJMethodSecurityInterceptor();
AccessDecisionVoter[] voters = new AccessDecisionVoter[] { new RoleVoter(),
new PreInvocationAuthorizationAdviceVoter(new ExpressionBasedPreInvocationAdvice()) };
adm = new AffirmativeBased(Arrays.<AccessDecisionVoter<? extends Object>>asList(voters));
interceptor.setAccessDecisionManager(adm);
interceptor.setAuthenticationManager(authman);
interceptor.setSecurityMetadataSource(new SecuredAnnotationSecurityMetadataSource());
this.adm = new AffirmativeBased(Arrays.<AccessDecisionVoter<? extends Object>>asList(voters));
this.interceptor.setAccessDecisionManager(this.adm);
this.interceptor.setAuthenticationManager(this.authman);
this.interceptor.setSecurityMetadataSource(new SecuredAnnotationSecurityMetadataSource());
AnnotationSecurityAspect secAspect = AnnotationSecurityAspect.aspectOf();
secAspect.setSecurityInterceptor(interceptor);
secAspect.setSecurityInterceptor(this.interceptor);
}
@After
@ -93,59 +93,59 @@ public class AnnotationSecurityAspectTests {
@Test
public void securedInterfaceMethodAllowsAllAccess() {
secured.securedMethod();
this.secured.securedMethod();
}
@Test(expected = AuthenticationCredentialsNotFoundException.class)
public void securedClassMethodDeniesUnauthenticatedAccess() {
secured.securedClassMethod();
this.secured.securedClassMethod();
}
@Test
public void securedClassMethodAllowsAccessToRoleA() {
SecurityContextHolder.getContext().setAuthentication(anne);
secured.securedClassMethod();
SecurityContextHolder.getContext().setAuthentication(this.anne);
this.secured.securedClassMethod();
}
@Test(expected = AccessDeniedException.class)
public void internalPrivateCallIsIntercepted() {
SecurityContextHolder.getContext().setAuthentication(anne);
SecurityContextHolder.getContext().setAuthentication(this.anne);
try {
secured.publicCallsPrivate();
this.secured.publicCallsPrivate();
fail("Expected AccessDeniedException");
}
catch (AccessDeniedException expected) {
}
securedSub.publicCallsPrivate();
this.securedSub.publicCallsPrivate();
}
@Test(expected = AccessDeniedException.class)
public void protectedMethodIsIntercepted() {
SecurityContextHolder.getContext().setAuthentication(anne);
SecurityContextHolder.getContext().setAuthentication(this.anne);
secured.protectedMethod();
this.secured.protectedMethod();
}
@Test
public void overriddenProtectedMethodIsNotIntercepted() {
// AspectJ doesn't inherit annotations
securedSub.protectedMethod();
this.securedSub.protectedMethod();
}
// SEC-1262
@Test(expected = AccessDeniedException.class)
public void denyAllPreAuthorizeDeniesAccess() {
configureForElAnnotations();
SecurityContextHolder.getContext().setAuthentication(anne);
prePostSecured.denyAllMethod();
SecurityContextHolder.getContext().setAuthentication(this.anne);
this.prePostSecured.denyAllMethod();
}
@Test
public void postFilterIsApplied() {
configureForElAnnotations();
SecurityContextHolder.getContext().setAuthentication(anne);
List<String> objects = prePostSecured.postFilterMethod();
SecurityContextHolder.getContext().setAuthentication(this.anne);
List<String> objects = this.prePostSecured.postFilterMethod();
assertThat(objects).hasSize(2);
assertThat(objects.contains("apple")).isTrue();
assertThat(objects.contains("aubergine")).isTrue();
@ -153,12 +153,12 @@ public class AnnotationSecurityAspectTests {
private void configureForElAnnotations() {
DefaultMethodSecurityExpressionHandler eh = new DefaultMethodSecurityExpressionHandler();
interceptor.setSecurityMetadataSource(
this.interceptor.setSecurityMetadataSource(
new PrePostAnnotationSecurityMetadataSource(new ExpressionBasedAnnotationAttributeFactory(eh)));
interceptor.setAccessDecisionManager(adm);
this.interceptor.setAccessDecisionManager(this.adm);
AfterInvocationProviderManager aim = new AfterInvocationProviderManager();
aim.setProviders(Arrays.asList(new PostInvocationAdviceProvider(new ExpressionBasedPostInvocationAdvice(eh))));
interceptor.setAfterInvocationManager(aim);
this.interceptor.setAfterInvocationManager(aim);
}
}

2
cas/src/main/java/org/springframework/security/cas/authentication/CasAuthenticationToken.java
View File

@ -164,7 +164,7 @@ public class CasAuthenticationToken extends AbstractAuthenticationToken implemen
}
public UserDetails getUserDetails() {
return userDetails;
return this.userDetails;
}
@Override

10
cas/src/main/java/org/springframework/security/cas/authentication/EhCacheBasedTicketCache.java
View File

@ -37,11 +37,11 @@ public class EhCacheBasedTicketCache implements StatelessTicketCache, Initializi
private Ehcache cache;
public void afterPropertiesSet() {
Assert.notNull(cache, "cache mandatory");
Assert.notNull(this.cache, "cache mandatory");
}
public CasAuthenticationToken getByTicketId(final String serviceTicket) {
final Element element = cache.get(serviceTicket);
final Element element = this.cache.get(serviceTicket);
if (logger.isDebugEnabled()) {
logger.debug("Cache hit: " + (element != null) + "; service ticket: " + serviceTicket);
@ -51,7 +51,7 @@ public class EhCacheBasedTicketCache implements StatelessTicketCache, Initializi
}
public Ehcache getCache() {
return cache;
return this.cache;
}
public void putTicketInCache(final CasAuthenticationToken token) {
@ -61,7 +61,7 @@ public class EhCacheBasedTicketCache implements StatelessTicketCache, Initializi
logger.debug("Cache put: " + element.getKey());
}
cache.put(element);
this.cache.put(element);
}
public void removeTicketFromCache(final CasAuthenticationToken token) {
@ -73,7 +73,7 @@ public class EhCacheBasedTicketCache implements StatelessTicketCache, Initializi
}
public void removeTicketFromCache(final String serviceTicket) {
cache.remove(serviceTicket);
this.cache.remove(serviceTicket);
}
public void setCache(final Ehcache cache) {

6
cas/src/main/java/org/springframework/security/cas/authentication/SpringCacheBasedTicketCache.java
View File

@ -40,7 +40,7 @@ public class SpringCacheBasedTicketCache implements StatelessTicketCache {
}
public CasAuthenticationToken getByTicketId(final String serviceTicket) {
final Cache.ValueWrapper element = serviceTicket != null ? cache.get(serviceTicket) : null;
final Cache.ValueWrapper element = serviceTicket != null ? this.cache.get(serviceTicket) : null;
if (logger.isDebugEnabled()) {
logger.debug("Cache hit: " + (element != null) + "; service ticket: " + serviceTicket);
@ -56,7 +56,7 @@ public class SpringCacheBasedTicketCache implements StatelessTicketCache {
logger.debug("Cache put: " + key);
}
cache.put(key, token);
this.cache.put(key, token);
}
public void removeTicketFromCache(final CasAuthenticationToken token) {
@ -68,7 +68,7 @@ public class SpringCacheBasedTicketCache implements StatelessTicketCache {
}
public void removeTicketFromCache(final String serviceTicket) {
cache.evict(serviceTicket);
this.cache.evict(serviceTicket);
}
}

44
cas/src/main/java/org/springframework/security/cas/web/CasAuthenticationFilter.java
View File

@ -217,15 +217,15 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
return;
}
if (logger.isDebugEnabled()) {
logger.debug("Authentication success. Updating SecurityContextHolder to contain: " + authResult);
if (this.logger.isDebugEnabled()) {
this.logger.debug("Authentication success. Updating SecurityContextHolder to contain: " + authResult);
}
SecurityContextHolder.getContext().setAuthentication(authResult);
// Fire event
if (this.eventPublisher != null) {
eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
this.eventPublisher.publishEvent(new InteractiveAuthenticationSuccessEvent(authResult, this.getClass()));
}
chain.doFilter(request, response);
@ -237,7 +237,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
// if the request is a proxy request process it and return null to indicate the
// request has been processed
if (proxyReceptorRequest(request)) {
logger.debug("Responding to proxy receptor request");
this.logger.debug("Responding to proxy receptor request");
CommonUtils.readAndRespondToProxyReceptorRequest(request, response, this.proxyGrantingTicketStorage);
return null;
}
@ -247,14 +247,14 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
String password = obtainArtifact(request);
if (password == null) {
logger.debug("Failed to obtain an artifact (cas ticket)");
this.logger.debug("Failed to obtain an artifact (cas ticket)");
password = "";
}
final UsernamePasswordAuthenticationToken authRequest = new UsernamePasswordAuthenticationToken(username,
password);
authRequest.setDetails(authenticationDetailsSource.buildDetails(request));
authRequest.setDetails(this.authenticationDetailsSource.buildDetails(request));
return this.getAuthenticationManager().authenticate(authRequest);
}
@ -265,7 +265,7 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
* @return if present the artifact from the {@link HttpServletRequest}, else null
*/
protected String obtainArtifact(HttpServletRequest request) {
return request.getParameter(artifactParameter);
return request.getParameter(this.artifactParameter);
}
/**
@ -275,8 +275,8 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
final boolean serviceTicketRequest = serviceTicketRequest(request, response);
final boolean result = serviceTicketRequest || proxyReceptorRequest(request)
|| (proxyTicketRequest(serviceTicketRequest, request));
if (logger.isDebugEnabled()) {
logger.debug("requiresAuthentication = " + result);
if (this.logger.isDebugEnabled()) {
this.logger.debug("requiresAuthentication = " + result);
}
return result;
}
@ -321,8 +321,8 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
*/
private boolean serviceTicketRequest(final HttpServletRequest request, final HttpServletResponse response) {
boolean result = super.requiresAuthentication(request, response);
if (logger.isDebugEnabled()) {
logger.debug("serviceTicketRequest = " + result);
if (this.logger.isDebugEnabled()) {
this.logger.debug("serviceTicketRequest = " + result);
}
return result;
}
@ -336,9 +336,9 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
if (serviceTicketRequest) {
return false;
}
final boolean result = authenticateAllArtifacts && obtainArtifact(request) != null && !authenticated();
if (logger.isDebugEnabled()) {
logger.debug("proxyTicketRequest = " + result);
final boolean result = this.authenticateAllArtifacts && obtainArtifact(request) != null && !authenticated();
if (this.logger.isDebugEnabled()) {
this.logger.debug("proxyTicketRequest = " + result);
}
return result;
}
@ -359,9 +359,9 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
* @return
*/
private boolean proxyReceptorRequest(final HttpServletRequest request) {
final boolean result = proxyReceptorConfigured() && proxyReceptorMatcher.matches(request);
if (logger.isDebugEnabled()) {
logger.debug("proxyReceptorRequest = " + result);
final boolean result = proxyReceptorConfigured() && this.proxyReceptorMatcher.matches(request);
if (this.logger.isDebugEnabled()) {
this.logger.debug("proxyReceptorRequest = " + result);
}
return result;
}
@ -372,9 +372,9 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
* @return
*/
private boolean proxyReceptorConfigured() {
final boolean result = this.proxyGrantingTicketStorage != null && proxyReceptorMatcher != null;
if (logger.isDebugEnabled()) {
logger.debug("proxyReceptorConfigured = " + result);
final boolean result = this.proxyGrantingTicketStorage != null && this.proxyReceptorMatcher != null;
if (this.logger.isDebugEnabled()) {
this.logger.debug("proxyReceptorConfigured = " + result);
}
return result;
}
@ -401,10 +401,10 @@ public class CasAuthenticationFilter extends AbstractAuthenticationProcessingFil
public void onAuthenticationFailure(HttpServletRequest request, HttpServletResponse response,
AuthenticationException exception) throws IOException, ServletException {
if (serviceTicketRequest(request, response)) {
serviceTicketFailureHandler.onAuthenticationFailure(request, response, exception);
this.serviceTicketFailureHandler.onAuthenticationFailure(request, response, exception);
}
else {
proxyFailureHandler.onAuthenticationFailure(request, response, exception);
CasAuthenticationFilter.this.proxyFailureHandler.onAuthenticationFailure(request, response, exception);
}
}

8
cas/src/main/java/org/springframework/security/cas/web/authentication/DefaultServiceAuthenticationDetails.java
View File

@ -62,14 +62,14 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
* @see org.springframework.security.cas.web.authentication.ServiceAuthenticationDetails#getServiceUrl()
*/
public String getServiceUrl() {
return serviceUrl;
return this.serviceUrl;
}
@Override
public int hashCode() {
final int prime = 31;
int result = super.hashCode();
result = prime * result + serviceUrl.hashCode();
result = prime * result + this.serviceUrl.hashCode();
return result;
}
@ -82,7 +82,7 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
return false;
}
ServiceAuthenticationDetails that = (ServiceAuthenticationDetails) obj;
return serviceUrl.equals(that.getServiceUrl());
return this.serviceUrl.equals(that.getServiceUrl());
}
@Override
@ -90,7 +90,7 @@ final class DefaultServiceAuthenticationDetails extends WebAuthenticationDetails
StringBuilder result = new StringBuilder();
result.append(super.toString());
result.append("ServiceUrl: ");
result.append(serviceUrl);
result.append(this.serviceUrl);
return result.toString();
}

3
cas/src/main/java/org/springframework/security/cas/web/authentication/ServiceAuthenticationDetailsSource.java
View File

@ -70,7 +70,8 @@ public class ServiceAuthenticationDetailsSource
*/
public ServiceAuthenticationDetails buildDetails(HttpServletRequest context) {
try {
return new DefaultServiceAuthenticationDetails(serviceProperties.getService(), context, artifactPattern);
return new DefaultServiceAuthenticationDetails(this.serviceProperties.getService(), context,
this.artifactPattern);
}
catch (MalformedURLException e) {
throw new RuntimeException(e);

6
cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationProviderTests.java
View File

@ -389,11 +389,11 @@ public class CasAuthenticationProviderTests {
private Map<String, CasAuthenticationToken> cache = new HashMap<>();
public CasAuthenticationToken getByTicketId(String serviceTicket) {
return cache.get(serviceTicket);
return this.cache.get(serviceTicket);
}
public void putTicketInCache(CasAuthenticationToken token) {
cache.put(token.getCredentials().toString(), token);
this.cache.put(token.getCredentials().toString(), token);
}
public void removeTicketFromCache(CasAuthenticationToken token) {
@ -415,7 +415,7 @@ public class CasAuthenticationProviderTests {
}
public Assertion validate(final String ticket, final String service) {
if (returnTicket) {
if (this.returnTicket) {
return new AssertionImpl("rod");
}
throw new BadCredentialsException("As requested from mock");

39
cas/src/test/java/org/springframework/security/cas/authentication/CasAuthenticationTokenTests.java
View File

@ -47,42 +47,42 @@ public class CasAuthenticationTokenTests {
}
private UserDetails makeUserDetails(final String name) {
return new User(name, "password", true, true, true, true, ROLES);
return new User(name, "password", true, true, true, true, this.ROLES);
}
@Test
public void testConstructorRejectsNulls() {
final Assertion assertion = new AssertionImpl("test");
try {
new CasAuthenticationToken(null, makeUserDetails(), "Password", ROLES, makeUserDetails(), assertion);
new CasAuthenticationToken(null, makeUserDetails(), "Password", this.ROLES, makeUserDetails(), assertion);
fail("Should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
try {
new CasAuthenticationToken("key", null, "Password", ROLES, makeUserDetails(), assertion);
new CasAuthenticationToken("key", null, "Password", this.ROLES, makeUserDetails(), assertion);
fail("Should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
try {
new CasAuthenticationToken("key", makeUserDetails(), null, ROLES, makeUserDetails(), assertion);
new CasAuthenticationToken("key", makeUserDetails(), null, this.ROLES, makeUserDetails(), assertion);
fail("Should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
try {
new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, makeUserDetails(), null);
new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES, makeUserDetails(), null);
fail("Should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
}
try {
new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES, null, assertion);
new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES, null, assertion);
fail("Should have thrown IllegalArgumentException");
}
catch (IllegalArgumentException expected) {
@ -107,10 +107,10 @@ public class CasAuthenticationTokenTests {
public void testEqualsWhenEqual() {
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
assertThat(token2).isEqualTo(token1);
@ -120,7 +120,7 @@ public class CasAuthenticationTokenTests {
public void testGetters() {
// Build the proxy list returned in the ticket from CAS
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
assertThat(token.getKeyHash()).isEqualTo("key".hashCode());
assertThat(token.getPrincipal()).isEqualTo(makeUserDetails());
@ -146,11 +146,11 @@ public class CasAuthenticationTokenTests {
public void testNotEqualsDueToAbstractParentEqualsCheck() {
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails("OTHER_NAME"), "Password",
ROLES, makeUserDetails(), assertion);
this.ROLES, makeUserDetails(), assertion);
assertThat(!token1.equals(token2)).isTrue();
}
@ -159,10 +159,11 @@ public class CasAuthenticationTokenTests {
public void testNotEqualsDueToDifferentAuthenticationClass() {
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
UsernamePasswordAuthenticationToken token2 = new UsernamePasswordAuthenticationToken("Test", "Password", ROLES);
UsernamePasswordAuthenticationToken token2 = new UsernamePasswordAuthenticationToken("Test", "Password",
this.ROLES);
assertThat(!token1.equals(token2)).isTrue();
}
@ -170,11 +171,11 @@ public class CasAuthenticationTokenTests {
public void testNotEqualsDueToKey() {
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
CasAuthenticationToken token2 = new CasAuthenticationToken("DIFFERENT_KEY", makeUserDetails(), "Password",
ROLES, makeUserDetails(), assertion);
this.ROLES, makeUserDetails(), assertion);
assertThat(!token1.equals(token2)).isTrue();
}
@ -184,10 +185,10 @@ public class CasAuthenticationTokenTests {
final Assertion assertion = new AssertionImpl("test");
final Assertion assertion2 = new AssertionImpl("test");
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token1 = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token2 = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion2);
assertThat(!token1.equals(token2)).isTrue();
@ -196,7 +197,7 @@ public class CasAuthenticationTokenTests {
@Test
public void testSetAuthenticated() {
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
assertThat(token.isAuthenticated()).isTrue();
token.setAuthenticated(false);
@ -206,7 +207,7 @@ public class CasAuthenticationTokenTests {
@Test
public void testToString() {
final Assertion assertion = new AssertionImpl("test");
CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", ROLES,
CasAuthenticationToken token = new CasAuthenticationToken("key", makeUserDetails(), "Password", this.ROLES,
makeUserDetails(), assertion);
String result = token.toString();
assertThat(result.lastIndexOf("Credentials (Service/Proxy Ticket):") != -1).isTrue();

8
cas/src/test/java/org/springframework/security/cas/authentication/NullStatelessTicketCacheTests.java
View File

@ -31,15 +31,15 @@ public class NullStatelessTicketCacheTests extends AbstractStatelessTicketCacheT
@Test
public void testGetter() {
assertThat(cache.getByTicketId(null)).isNull();
assertThat(cache.getByTicketId("test")).isNull();
assertThat(this.cache.getByTicketId(null)).isNull();
assertThat(this.cache.getByTicketId("test")).isNull();
}
@Test
public void testInsertAndGet() {
final CasAuthenticationToken token = getToken();
cache.putTicketInCache(token);
assertThat(cache.getByTicketId((String) token.getCredentials())).isNull();
this.cache.putTicketInCache(token);
assertThat(this.cache.getByTicketId((String) token.getCredentials())).isNull();
}
}

12
cas/src/test/java/org/springframework/security/cas/jackson2/CasAuthenticationTokenMixinTests.java
View File

@ -95,15 +95,15 @@ public class CasAuthenticationTokenMixinTests {
@Before
public void setup() {
mapper = new ObjectMapper();
this.mapper = new ObjectMapper();
ClassLoader loader = getClass().getClassLoader();
mapper.registerModules(SecurityJackson2Modules.getModules(loader));
this.mapper.registerModules(SecurityJackson2Modules.getModules(loader));
}
@Test
public void serializeCasAuthenticationTest() throws JsonProcessingException, JSONException {
CasAuthenticationToken token = createCasAuthenticationToken();
String actualJson = mapper.writeValueAsString(token);
String actualJson = this.mapper.writeValueAsString(token);
JSONAssert.assertEquals(CAS_TOKEN_JSON, actualJson, true);
}
@ -112,19 +112,19 @@ public class CasAuthenticationTokenMixinTests {
throws JsonProcessingException, JSONException {
CasAuthenticationToken token = createCasAuthenticationToken();
token.eraseCredentials();
String actualJson = mapper.writeValueAsString(token);
String actualJson = this.mapper.writeValueAsString(token);
JSONAssert.assertEquals(CAS_TOKEN_CLEARED_JSON, actualJson, true);
}
@Test
public void deserializeCasAuthenticationTestAfterEraseCredentialInvoked() throws Exception {
CasAuthenticationToken token = mapper.readValue(CAS_TOKEN_CLEARED_JSON, CasAuthenticationToken.class);
CasAuthenticationToken token = this.mapper.readValue(CAS_TOKEN_CLEARED_JSON, CasAuthenticationToken.class);
assertThat(((UserDetails) token.getPrincipal()).getPassword()).isNull();
}
@Test
public void deserializeCasAuthenticationTest() throws IOException {
CasAuthenticationToken token = mapper.readValue(CAS_TOKEN_JSON, CasAuthenticationToken.class);
CasAuthenticationToken token = this.mapper.readValue(CAS_TOKEN_JSON, CasAuthenticationToken.class);
assertThat(token).isNotNull();
assertThat(token.getPrincipal()).isNotNull().isInstanceOf(User.class);
assertThat(((User) token.getPrincipal()).getUsername()).isEqualTo("admin");

4
config/src/integration-test/java/org/springframework/security/config/annotation/authentication/ldap/LdapAuthenticationProviderBuilderSecurityBuilderTests.java
View File

@ -237,8 +237,8 @@ public class LdapAuthenticationProviderBuilderSecurityBuilderTests {
}
private LdapAuthenticationProvider ldapProvider() {
return ((List<LdapAuthenticationProvider>) ReflectionTestUtils.getField(authenticationManager, "providers"))
.get(0);
return ((List<LdapAuthenticationProvider>) ReflectionTestUtils.getField(this.authenticationManager,
"providers")).get(0);
}
private LdapAuthoritiesPopulator getAuthoritiesPopulator(LdapAuthenticationProvider provider) {

34
config/src/integration-test/java/org/springframework/security/config/ldap/LdapProviderBeanDefinitionParserTests.java
View File

@ -40,19 +40,19 @@ public class LdapProviderBeanDefinitionParserTests {
@After
public void closeAppContext() {
if (appCtx != null) {
appCtx.close();
appCtx = null;
if (this.appCtx != null) {
this.appCtx.close();
this.appCtx = null;
}
}
@Test
public void simpleProviderAuthenticatesCorrectly() {
appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
+ "<authentication-manager>" + " <ldap-authentication-provider group-search-filter='member={0}' />"
+ "</authentication-manager>");
AuthenticationManager authenticationManager = appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager.class);
Authentication auth = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
@ -62,12 +62,12 @@ public class LdapProviderBeanDefinitionParserTests {
@Test
public void multipleProvidersAreSupported() {
appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
+ "<authentication-manager>" + " <ldap-authentication-provider group-search-filter='member={0}' />"
+ " <ldap-authentication-provider group-search-filter='uniqueMember={0}' />"
+ "</authentication-manager>");
ProviderManager providerManager = appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
ProviderManager providerManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
assertThat(providerManager.getProviders()).hasSize(2);
assertThat(providerManager.getProviders()).extracting("authoritiesPopulator.groupSearchFilter")
.containsExactly("member={0}", "uniqueMember={0}");
@ -81,11 +81,11 @@ public class LdapProviderBeanDefinitionParserTests {
@Test
public void supportsPasswordComparisonAuthentication() {
appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
+ "<authentication-manager>" + " <ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>"
+ " <password-compare />" + " </ldap-authentication-provider>" + "</authentication-manager>");
AuthenticationManager authenticationManager = appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager.class);
Authentication auth = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("ben", "benspassword"));
@ -95,13 +95,13 @@ public class LdapProviderBeanDefinitionParserTests {
@Test
public void supportsPasswordComparisonAuthenticationWithPasswordEncoder() {
appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
+ "<authentication-manager>" + " <ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>"
+ " <password-compare password-attribute='uid'>" + " <password-encoder ref='passwordEncoder' />"
+ " </password-compare>" + " </ldap-authentication-provider>" + "</authentication-manager>"
+ "<b:bean id='passwordEncoder' class='org.springframework.security.crypto.password.NoOpPasswordEncoder' factory-method='getInstance' />");
AuthenticationManager authenticationManager = appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager.class);
Authentication auth = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken("ben", "ben"));
@ -111,13 +111,13 @@ public class LdapProviderBeanDefinitionParserTests {
// SEC-2472
@Test
public void supportsCryptoPasswordEncoder() {
appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>"
+ "<authentication-manager>" + " <ldap-authentication-provider user-dn-pattern='uid={0},ou=people'>"
+ " <password-compare>" + " <password-encoder ref='pe' />" + " </password-compare>"
+ " </ldap-authentication-provider>" + "</authentication-manager>"
+ "<b:bean id='pe' class='org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder' />");
AuthenticationManager authenticationManager = appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager authenticationManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER,
AuthenticationManager.class);
Authentication auth = authenticationManager
.authenticate(new UsernamePasswordAuthenticationToken("bcrypt", "password"));
@ -127,13 +127,13 @@ public class LdapProviderBeanDefinitionParserTests {
@Test
public void inetOrgContextMapperIsSupported() {
appCtx = new InMemoryXmlApplicationContext(
this.appCtx = new InMemoryXmlApplicationContext(
"<ldap-server url='ldap://127.0.0.1:343/dc=springframework,dc=org' port='0'/>"
+ "<authentication-manager>"
+ " <ldap-authentication-provider user-details-class='inetOrgPerson' />"
+ "</authentication-manager>");
ProviderManager providerManager = appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
ProviderManager providerManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
assertThat(providerManager.getProviders()).hasSize(1);
assertThat(providerManager.getProviders()).extracting("userDetailsContextMapper")
.allSatisfy(contextMapper -> assertThat(contextMapper).isInstanceOf(InetOrgPersonContextMapper.class));
@ -143,12 +143,12 @@ public class LdapProviderBeanDefinitionParserTests {
public void ldapAuthenticationProviderWorksWithPlaceholders() {
System.setProperty("udp", "people");
System.setProperty("gsf", "member");
appCtx = new InMemoryXmlApplicationContext("<ldap-server />" + "<authentication-manager>"
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server />" + "<authentication-manager>"
+ " <ldap-authentication-provider user-dn-pattern='uid={0},ou=${udp}' group-search-filter='${gsf}={0}' />"
+ "</authentication-manager>"
+ "<b:bean id='org.springframework.beans.factory.config.PropertyPlaceholderConfigurer' class='org.springframework.beans.factory.config.PropertyPlaceholderConfigurer' />");
ProviderManager providerManager = appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
ProviderManager providerManager = this.appCtx.getBean(BeanIds.AUTHENTICATION_MANAGER, ProviderManager.class);
assertThat(providerManager.getProviders()).hasSize(1);
AuthenticationProvider authenticationProvider = providerManager.getProviders().get(0);

25
config/src/integration-test/java/org/springframework/security/config/ldap/LdapServerBeanDefinitionParserTests.java
View File

@ -40,17 +40,17 @@ public class LdapServerBeanDefinitionParserTests {
@After
public void closeAppContext() {
if (appCtx != null) {
appCtx.close();
appCtx = null;
if (this.appCtx != null) {
this.appCtx.close();
this.appCtx = null;
}
}
@Test
public void embeddedServerCreationContainsExpectedContextSourceAndData() {
appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>");
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='0'/>");
DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx
DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx
.getBean(BeanIds.CONTEXT_SOURCE);
// Check data is loaded
@ -62,14 +62,15 @@ public class LdapServerBeanDefinitionParserTests {
public void useOfUrlAttributeCreatesCorrectContextSource() throws Exception {
int port = getDefaultPort();
// Create second "server" with a url pointing at embedded one
appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='" + port
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server ldif='classpath:test-server.ldif' port='" + port
+ "'/>" + "<ldap-server ldif='classpath:test-server.ldif' id='blah' url='ldap://127.0.0.1:" + port
+ "/dc=springframework,dc=org' />");
// Check the default context source is still there.
appCtx.getBean(BeanIds.CONTEXT_SOURCE);
this.appCtx.getBean(BeanIds.CONTEXT_SOURCE);
DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx.getBean("blah");
DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx
.getBean("blah");
// Check data is loaded as before
LdapTemplate template = new LdapTemplate(contextSource);
@ -78,9 +79,9 @@ public class LdapServerBeanDefinitionParserTests {
@Test
public void loadingSpecificLdifFileIsSuccessful() {
appCtx = new InMemoryXmlApplicationContext(
this.appCtx = new InMemoryXmlApplicationContext(
"<ldap-server ldif='classpath*:test-server2.xldif' root='dc=monkeymachine,dc=co,dc=uk' port='0'/>");
DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) appCtx
DefaultSpringSecurityContextSource contextSource = (DefaultSpringSecurityContextSource) this.appCtx
.getBean(BeanIds.CONTEXT_SOURCE);
LdapTemplate template = new LdapTemplate(contextSource);
@ -89,8 +90,8 @@ public class LdapServerBeanDefinitionParserTests {
@Test
public void defaultLdifFileIsSuccessful() {
appCtx = new InMemoryXmlApplicationContext("<ldap-server/>");
ApacheDSContainer dsContainer = appCtx.getBean(ApacheDSContainer.class);
this.appCtx = new InMemoryXmlApplicationContext("<ldap-server/>");
ApacheDSContainer dsContainer = this.appCtx.getBean(ApacheDSContainer.class);
assertThat(ReflectionTestUtils.getField(dsContainer, "ldifResources")).isEqualTo("classpath*:*.ldif");
}

24
config/src/integration-test/java/org/springframework/security/config/ldap/LdapUserServiceBeanDefinitionParserTests.java
View File

@ -53,9 +53,9 @@ public class LdapUserServiceBeanDefinitionParserTests {
@After
public void closeAppContext() {
if (appCtx != null) {
appCtx.close();
appCtx = null;
if (this.appCtx != null) {
this.appCtx.close();
this.appCtx = null;
}
}
@ -81,7 +81,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
setContext(
"<ldap-user-service id='ldapUDS' user-search-filter='(uid={0})' group-search-filter='member={0}' /><ldap-server ldif='classpath:test-server.ldif'/>");
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetailsService uds = (UserDetailsService) this.appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
Set<String> authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
@ -95,7 +95,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
+ " user-search-filter='(cn={0})' "
+ " group-search-filter='member={0}' /><ldap-server ldif='classpath:test-server.ldif'/>");
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetailsService uds = (UserDetailsService) this.appCtx.getBean("ldapUDS");
UserDetails joe = uds.loadUserByUsername("Joe Smeth");
assertThat(joe.getUsername()).isEqualTo("Joe Smeth");
@ -108,11 +108,11 @@ public class LdapUserServiceBeanDefinitionParserTests {
+ "<ldap-user-service id='ldapUDSNoPrefix' " + " user-search-filter='(uid={0})' "
+ " group-search-filter='member={0}' role-prefix='none'/><ldap-server ldif='classpath:test-server.ldif'/>");
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetailsService uds = (UserDetailsService) this.appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
assertThat(AuthorityUtils.authorityListToSet(ben.getAuthorities())).contains("PREFIX_DEVELOPERS");
uds = (UserDetailsService) appCtx.getBean("ldapUDSNoPrefix");
uds = (UserDetailsService) this.appCtx.getBean("ldapUDSNoPrefix");
ben = uds.loadUserByUsername("ben");
assertThat(AuthorityUtils.authorityListToSet(ben.getAuthorities())).contains("DEVELOPERS");
}
@ -122,7 +122,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
setContext(
"<ldap-user-service id='ldapUDS' user-search-filter='(uid={0})' group-role-attribute='ou' group-search-filter='member={0}' /><ldap-server ldif='classpath:test-server.ldif'/>");
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetailsService uds = (UserDetailsService) this.appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
Set<String> authorities = AuthorityUtils.authorityListToSet(ben.getAuthorities());
@ -144,7 +144,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
public void personContextMapperIsSupported() {
setContext("<ldap-server ldif='classpath:test-server.ldif'/>"
+ "<ldap-user-service id='ldapUDS' user-search-filter='(uid={0})' user-details-class='person'/>");
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetailsService uds = (UserDetailsService) this.appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
assertThat(ben instanceof Person).isTrue();
}
@ -153,7 +153,7 @@ public class LdapUserServiceBeanDefinitionParserTests {
public void inetOrgContextMapperIsSupported() {
setContext("<ldap-server id='someServer' ldif='classpath:test-server.ldif'/>"
+ "<ldap-user-service id='ldapUDS' user-search-filter='(uid={0})' user-details-class='inetOrgPerson'/>");
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetailsService uds = (UserDetailsService) this.appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
assertThat(ben instanceof InetOrgPerson).isTrue();
}
@ -164,13 +164,13 @@ public class LdapUserServiceBeanDefinitionParserTests {
+ "<ldap-user-service id='ldapUDS' user-search-filter='(uid={0})' user-context-mapper-ref='mapper'/>"
+ "<b:bean id='mapper' class='" + InetOrgPersonContextMapper.class.getName() + "'/>");
UserDetailsService uds = (UserDetailsService) appCtx.getBean("ldapUDS");
UserDetailsService uds = (UserDetailsService) this.appCtx.getBean("ldapUDS");
UserDetails ben = uds.loadUserByUsername("ben");
assertThat(ben instanceof InetOrgPerson).isTrue();
}
private void setContext(String context) {
appCtx = new InMemoryXmlApplicationContext(context);
this.appCtx = new InMemoryXmlApplicationContext(context);
}
}

54
config/src/main/java/org/springframework/security/config/SecurityNamespaceHandler.java
View File

@ -78,15 +78,16 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
Package pkg = SpringSecurityCoreVersion.class.getPackage();
if (pkg == null || coreVersion == null) {
logger.info("Couldn't determine package version information.");
this.logger.info("Couldn't determine package version information.");
return;
}
String version = pkg.getImplementationVersion();
logger.info("Spring Security 'config' module version is " + version);
this.logger.info("Spring Security 'config' module version is " + version);
if (version.compareTo(coreVersion) != 0) {
logger.error("You are running with different versions of the Spring Security 'core' and 'config' modules");
this.logger.error(
"You are running with different versions of the Spring Security 'core' and 'config' modules");
}
}
@ -98,7 +99,7 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
element);
}
String name = pc.getDelegate().getLocalName(element);
BeanDefinitionParser parser = parsers.get(name);
BeanDefinitionParser parser = this.parsers.get(name);
if (parser == null) {
// SEC-1455. Load parsers when required, not just on init().
@ -126,17 +127,17 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
// We only handle elements
if (node instanceof Element) {
if (Elements.INTERCEPT_METHODS.equals(name)) {
return interceptMethodsBDD.decorate(node, definition, pc);
return this.interceptMethodsBDD.decorate(node, definition, pc);
}
if (Elements.FILTER_CHAIN_MAP.equals(name)) {
if (filterChainMapBDD == null) {
if (this.filterChainMapBDD == null) {
loadParsers();
}
if (filterChainMapBDD == null) {
if (this.filterChainMapBDD == null) {
reportMissingWebClasses(name, pc, node);
}
return filterChainMapBDD.decorate(node, definition, pc);
return this.filterChainMapBDD.decorate(node, definition, pc);
}
}
@ -170,29 +171,32 @@ public final class SecurityNamespaceHandler implements NamespaceHandler {
private void loadParsers() {
// Parsers
parsers.put(Elements.LDAP_PROVIDER, new LdapProviderBeanDefinitionParser());
parsers.put(Elements.LDAP_SERVER, new LdapServerBeanDefinitionParser());
parsers.put(Elements.LDAP_USER_SERVICE, new LdapUserServiceBeanDefinitionParser());
parsers.put(Elements.USER_SERVICE, new UserServiceBeanDefinitionParser());
parsers.put(Elements.JDBC_USER_SERVICE, new JdbcUserServiceBeanDefinitionParser());
parsers.put(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser());
parsers.put(Elements.GLOBAL_METHOD_SECURITY, new GlobalMethodSecurityBeanDefinitionParser());
parsers.put(Elements.AUTHENTICATION_MANAGER, new AuthenticationManagerBeanDefinitionParser());
parsers.put(Elements.METHOD_SECURITY_METADATA_SOURCE, new MethodSecurityMetadataSourceBeanDefinitionParser());
this.parsers.put(Elements.LDAP_PROVIDER, new LdapProviderBeanDefinitionParser());
this.parsers.put(Elements.LDAP_SERVER, new LdapServerBeanDefinitionParser());
this.parsers.put(Elements.LDAP_USER_SERVICE, new LdapUserServiceBeanDefinitionParser());
this.parsers.put(Elements.USER_SERVICE, new UserServiceBeanDefinitionParser());
this.parsers.put(Elements.JDBC_USER_SERVICE, new JdbcUserServiceBeanDefinitionParser());
this.parsers.put(Elements.AUTHENTICATION_PROVIDER, new AuthenticationProviderBeanDefinitionParser());
this.parsers.put(Elements.GLOBAL_METHOD_SECURITY, new GlobalMethodSecurityBeanDefinitionParser());
this.parsers.put(Elements.AUTHENTICATION_MANAGER, new AuthenticationManagerBeanDefinitionParser());
this.parsers.put(Elements.METHOD_SECURITY_METADATA_SOURCE,
new MethodSecurityMetadataSourceBeanDefinitionParser());
// Only load the web-namespace parsers if the web classes are available
if (ClassUtils.isPresent(FILTER_CHAIN_PROXY_CLASSNAME, getClass().getClassLoader())) {
parsers.put(Elements.DEBUG, new DebugBeanDefinitionParser());
parsers.put(Elements.HTTP, new HttpSecurityBeanDefinitionParser());
parsers.put(Elements.HTTP_FIREWALL, new HttpFirewallBeanDefinitionParser());
parsers.put(Elements.FILTER_SECURITY_METADATA_SOURCE, new FilterInvocationSecurityMetadataSourceParser());
parsers.put(Elements.FILTER_CHAIN, new FilterChainBeanDefinitionParser());
filterChainMapBDD = new FilterChainMapBeanDefinitionDecorator();
parsers.put(Elements.CLIENT_REGISTRATIONS, new ClientRegistrationsBeanDefinitionParser());
this.parsers.put(Elements.DEBUG, new DebugBeanDefinitionParser());
this.parsers.put(Elements.HTTP, new HttpSecurityBeanDefinitionParser());
this.parsers.put(Elements.HTTP_FIREWALL, new HttpFirewallBeanDefinitionParser());
this.parsers.put(Elements.FILTER_SECURITY_METADATA_SOURCE,
new FilterInvocationSecurityMetadataSourceParser());
this.parsers.put(Elements.FILTER_CHAIN, new FilterChainBeanDefinitionParser());
this.filterChainMapBDD = new FilterChainMapBeanDefinitionDecorator();
this.parsers.put(Elements.CLIENT_REGISTRATIONS, new ClientRegistrationsBeanDefinitionParser());
}
if (ClassUtils.isPresent(MESSAGE_CLASSNAME, getClass().getClassLoader())) {
parsers.put(Elements.WEBSOCKET_MESSAGE_BROKER, new WebSocketMessageBrokerSecurityBeanDefinitionParser());
this.parsers.put(Elements.WEBSOCKET_MESSAGE_BROKER,
new WebSocketMessageBrokerSecurityBeanDefinitionParser());
}
}

33
config/src/main/java/org/springframework/security/config/annotation/AbstractConfiguredSecurityBuilder.java
View File

@ -103,7 +103,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
return build();
}
catch (Exception e) {
logger.debug("Failed to perform build. Returning null", e);
this.logger.debug("Failed to perform build. Returning null", e);
return null;
}
}
@ -121,7 +121,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
*/
@SuppressWarnings("unchecked")
public <C extends SecurityConfigurerAdapter<O, B>> C apply(C configurer) throws Exception {
configurer.addObjectPostProcessor(objectPostProcessor);
configurer.addObjectPostProcessor(this.objectPostProcessor);
configurer.setBuilder((B) this);
add(configurer);
return configurer;
@ -179,17 +179,18 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
Class<? extends SecurityConfigurer<O, B>> clazz = (Class<? extends SecurityConfigurer<O, B>>) configurer
.getClass();
synchronized (configurers) {
if (buildState.isConfigured()) {
synchronized (this.configurers) {
if (this.buildState.isConfigured()) {
throw new IllegalStateException("Cannot apply " + configurer + " to already built object");
}
List<SecurityConfigurer<O, B>> configs = allowConfigurersOfSameType ? this.configurers.get(clazz) : null;
List<SecurityConfigurer<O, B>> configs = this.allowConfigurersOfSameType ? this.configurers.get(clazz)
: null;
if (configs == null) {
configs = new ArrayList<>(1);
}
configs.add(configurer);
this.configurers.put(clazz, configs);
if (buildState.isInitializing()) {
if (this.buildState.isInitializing()) {
this.configurersAddedInInitializing.add(configurer);
}
}
@ -297,22 +298,22 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
*/
@Override
protected final O doBuild() throws Exception {
synchronized (configurers) {
buildState = BuildState.INITIALIZING;
synchronized (this.configurers) {
this.buildState = BuildState.INITIALIZING;
beforeInit();
init();
buildState = BuildState.CONFIGURING;
this.buildState = BuildState.CONFIGURING;
beforeConfigure();
configure();
buildState = BuildState.BUILDING;
this.buildState = BuildState.BUILDING;
O result = performBuild();
buildState = BuildState.BUILT;
this.buildState = BuildState.BUILT;
return result;
}
@ -349,7 +350,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
configurer.init((B) this);
}
for (SecurityConfigurer<O, B> configurer : configurersAddedInInitializing) {
for (SecurityConfigurer<O, B> configurer : this.configurersAddedInInitializing) {
configurer.init((B) this);
}
}
@ -376,8 +377,8 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* @return true, if unbuilt else false
*/
private boolean isUnbuilt() {
synchronized (configurers) {
return buildState == BuildState.UNBUILT;
synchronized (this.configurers) {
return this.buildState == BuildState.UNBUILT;
}
}
@ -427,7 +428,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
}
public boolean isInitializing() {
return INITIALIZING.order == order;
return INITIALIZING.order == this.order;
}
/**
@ -435,7 +436,7 @@ public abstract class AbstractConfiguredSecurityBuilder<O, B extends SecurityBui
* @return
*/
public boolean isConfigured() {
return order >= CONFIGURING.order;
return this.order >= CONFIGURING.order;
}
}

8
config/src/main/java/org/springframework/security/config/annotation/SecurityConfigurerAdapter.java
View File

@ -60,10 +60,10 @@ public abstract class SecurityConfigurerAdapter<O, B extends SecurityBuilder<O>>
* @throws IllegalStateException if {@link SecurityBuilder} is null
*/
protected final B getBuilder() {
if (securityBuilder == null) {
if (this.securityBuilder == null) {
throw new IllegalStateException("securityBuilder cannot be null");
}
return securityBuilder;
return this.securityBuilder;
}
/**
@ -108,7 +108,7 @@ public abstract class SecurityConfigurerAdapter<O, B extends SecurityBuilder<O>>
@SuppressWarnings({ "rawtypes", "unchecked" })
public Object postProcess(Object object) {
for (ObjectPostProcessor opp : postProcessors) {
for (ObjectPostProcessor opp : this.postProcessors) {
Class<?> oppClass = opp.getClass();
Class<?> oppType = GenericTypeResolver.resolveTypeArgument(oppClass, ObjectPostProcessor.class);
if (oppType == null || oppType.isAssignableFrom(object.getClass())) {
@ -125,7 +125,7 @@ public abstract class SecurityConfigurerAdapter<O, B extends SecurityBuilder<O>>
*/
private boolean addObjectPostProcessor(ObjectPostProcessor<?> objectPostProcessor) {
boolean result = this.postProcessors.add(objectPostProcessor);
postProcessors.sort(AnnotationAwareOrderComparator.INSTANCE);
this.postProcessors.sort(AnnotationAwareOrderComparator.INSTANCE);
return result;
}

15
config/src/main/java/org/springframework/security/config/annotation/authentication/builders/AuthenticationManagerBuilder.java
View File

@ -220,15 +220,16 @@ public class AuthenticationManagerBuilder
@Override
protected ProviderManager performBuild() throws Exception {
if (!isConfigured()) {
logger.debug("No authenticationProviders and no parentAuthenticationManager defined. Returning null.");
this.logger.debug("No authenticationProviders and no parentAuthenticationManager defined. Returning null.");
return null;
}
ProviderManager providerManager = new ProviderManager(authenticationProviders, parentAuthenticationManager);
if (eraseCredentials != null) {
providerManager.setEraseCredentialsAfterAuthentication(eraseCredentials);
ProviderManager providerManager = new ProviderManager(this.authenticationProviders,
this.parentAuthenticationManager);
if (this.eraseCredentials != null) {
providerManager.setEraseCredentialsAfterAuthentication(this.eraseCredentials);
}
if (eventPublisher != null) {
providerManager.setAuthenticationEventPublisher(eventPublisher);
if (this.eventPublisher != null) {
providerManager.setAuthenticationEventPublisher(this.eventPublisher);
}
providerManager = postProcess(providerManager);
return providerManager;
@ -250,7 +251,7 @@ public class AuthenticationManagerBuilder
* false
*/
public boolean isConfigured() {
return !authenticationProviders.isEmpty() || parentAuthenticationManager != null;
return !this.authenticationProviders.isEmpty() || this.parentAuthenticationManager != null;
}
/**

23
config/src/main/java/org/springframework/security/config/annotation/authentication/configuration/AuthenticationConfiguration.java
View File

@ -115,18 +115,18 @@ public class AuthenticationConfiguration {
return new AuthenticationManagerDelegator(authBuilder);
}
for (GlobalAuthenticationConfigurerAdapter config : globalAuthConfigurers) {
for (GlobalAuthenticationConfigurerAdapter config : this.globalAuthConfigurers) {
authBuilder.apply(config);
}
authenticationManager = authBuilder.build();
this.authenticationManager = authBuilder.build();
if (authenticationManager == null) {
authenticationManager = getAuthenticationManagerBean();
if (this.authenticationManager == null) {
this.authenticationManager = getAuthenticationManagerBean();
}
this.authenticationManagerInitialized = true;
return authenticationManager;
return this.authenticationManager;
}
@Autowired(required = false)
@ -148,7 +148,7 @@ public class AuthenticationConfiguration {
@SuppressWarnings("unchecked")
private <T> T lazyBean(Class<T> interfaceName) {
LazyInitTargetSource lazyTargetSource = new LazyInitTargetSource();
String[] beanNamesForType = BeanFactoryUtils.beanNamesForTypeIncludingAncestors(applicationContext,
String[] beanNamesForType = BeanFactoryUtils.beanNamesForTypeIncludingAncestors(this.applicationContext,
interfaceName);
if (beanNamesForType.length == 0) {
return null;
@ -168,20 +168,20 @@ public class AuthenticationConfiguration {
}
lazyTargetSource.setTargetBeanName(beanName);
lazyTargetSource.setBeanFactory(applicationContext);
lazyTargetSource.setBeanFactory(this.applicationContext);
ProxyFactoryBean proxyFactory = new ProxyFactoryBean();
proxyFactory = objectPostProcessor.postProcess(proxyFactory);
proxyFactory = this.objectPostProcessor.postProcess(proxyFactory);
proxyFactory.setTargetSource(lazyTargetSource);
return (T) proxyFactory.getObject();
}
private List<String> getPrimaryBeanNames(String[] beanNamesForType) {
List<String> list = new ArrayList<>();
if (!(applicationContext instanceof ConfigurableApplicationContext)) {
if (!(this.applicationContext instanceof ConfigurableApplicationContext)) {
return Collections.emptyList();
}
for (String beanName : beanNamesForType) {
if (((ConfigurableApplicationContext) applicationContext).getBeanFactory().getBeanDefinition(beanName)
if (((ConfigurableApplicationContext) this.applicationContext).getBeanFactory().getBeanDefinition(beanName)
.isPrimary()) {
list.add(beanName);
}
@ -214,7 +214,8 @@ public class AuthenticationConfiguration {
@Override
public void init(AuthenticationManagerBuilder auth) {
Map<String, Object> beansWithAnnotation = context.getBeansWithAnnotation(EnableGlobalAuthentication.class);
Map<String, Object> beansWithAnnotation = this.context
.getBeansWithAnnotation(EnableGlobalAuthentication.class);
if (logger.isDebugEnabled()) {
logger.debug("Eagerly initializing " + beansWithAnnotation);
}

68
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/ldap/LdapAuthenticationProviderConfigurer.java
View File

@ -98,8 +98,8 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
LdapAuthenticationProvider ldapAuthenticationProvider = new LdapAuthenticationProvider(ldapAuthenticator,
authoritiesPopulator);
ldapAuthenticationProvider.setAuthoritiesMapper(getAuthoritiesMapper());
if (userDetailsContextMapper != null) {
ldapAuthenticationProvider.setUserDetailsContextMapper(userDetailsContextMapper);
if (this.userDetailsContextMapper != null) {
ldapAuthenticationProvider.setUserDetailsContextMapper(this.userDetailsContextMapper);
}
return ldapAuthenticationProvider;
}
@ -132,15 +132,15 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
* @return the {@link LdapAuthoritiesPopulator}
*/
private LdapAuthoritiesPopulator getLdapAuthoritiesPopulator() {
if (ldapAuthoritiesPopulator != null) {
return ldapAuthoritiesPopulator;
if (this.ldapAuthoritiesPopulator != null) {
return this.ldapAuthoritiesPopulator;
}
DefaultLdapAuthoritiesPopulator defaultAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(contextSource,
groupSearchBase);
defaultAuthoritiesPopulator.setGroupRoleAttribute(groupRoleAttribute);
defaultAuthoritiesPopulator.setGroupSearchFilter(groupSearchFilter);
defaultAuthoritiesPopulator.setSearchSubtree(groupSearchSubtree);
DefaultLdapAuthoritiesPopulator defaultAuthoritiesPopulator = new DefaultLdapAuthoritiesPopulator(
this.contextSource, this.groupSearchBase);
defaultAuthoritiesPopulator.setGroupRoleAttribute(this.groupRoleAttribute);
defaultAuthoritiesPopulator.setGroupSearchFilter(this.groupSearchFilter);
defaultAuthoritiesPopulator.setSearchSubtree(this.groupSearchSubtree);
defaultAuthoritiesPopulator.setRolePrefix(this.rolePrefix);
this.ldapAuthoritiesPopulator = defaultAuthoritiesPopulator;
@ -169,8 +169,8 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
* @throws Exception if errors in {@link SimpleAuthorityMapper#afterPropertiesSet()}
*/
protected GrantedAuthoritiesMapper getAuthoritiesMapper() throws Exception {
if (authoritiesMapper != null) {
return authoritiesMapper;
if (this.authoritiesMapper != null) {
return this.authoritiesMapper;
}
SimpleAuthorityMapper simpleAuthorityMapper = new SimpleAuthorityMapper();
@ -186,14 +186,14 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
* @return the {@link LdapAuthenticator} to use
*/
private LdapAuthenticator createLdapAuthenticator(BaseLdapPathContextSource contextSource) {
AbstractLdapAuthenticator ldapAuthenticator = passwordEncoder == null ? createBindAuthenticator(contextSource)
: createPasswordCompareAuthenticator(contextSource);
AbstractLdapAuthenticator ldapAuthenticator = this.passwordEncoder == null
? createBindAuthenticator(contextSource) : createPasswordCompareAuthenticator(contextSource);
LdapUserSearch userSearch = createUserSearch();
if (userSearch != null) {
ldapAuthenticator.setUserSearch(userSearch);
}
if (userDnPatterns != null && userDnPatterns.length > 0) {
ldapAuthenticator.setUserDnPatterns(userDnPatterns);
if (this.userDnPatterns != null && this.userDnPatterns.length > 0) {
ldapAuthenticator.setUserDnPatterns(this.userDnPatterns);
}
return postProcess(ldapAuthenticator);
}
@ -206,10 +206,10 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
private PasswordComparisonAuthenticator createPasswordCompareAuthenticator(
BaseLdapPathContextSource contextSource) {
PasswordComparisonAuthenticator ldapAuthenticator = new PasswordComparisonAuthenticator(contextSource);
if (passwordAttribute != null) {
ldapAuthenticator.setPasswordAttributeName(passwordAttribute);
if (this.passwordAttribute != null) {
ldapAuthenticator.setPasswordAttributeName(this.passwordAttribute);
}
ldapAuthenticator.setPasswordEncoder(passwordEncoder);
ldapAuthenticator.setPasswordEncoder(this.passwordEncoder);
return ldapAuthenticator;
}
@ -223,10 +223,10 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
}
private LdapUserSearch createUserSearch() {
if (userSearchFilter == null) {
if (this.userSearchFilter == null) {
return null;
}
return new FilterBasedLdapUserSearch(userSearchBase, userSearchFilter, contextSource);
return new FilterBasedLdapUserSearch(this.userSearchBase, this.userSearchFilter, this.contextSource);
}
/**
@ -247,7 +247,7 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
* @return the {@link ContextSourceBuilder} for further customizations
*/
public ContextSourceBuilder contextSource() {
return contextSourceBuilder;
return this.contextSourceBuilder;
}
/**
@ -540,12 +540,12 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
}
DefaultSpringSecurityContextSource contextSource = new DefaultSpringSecurityContextSource(getProviderUrl());
if (managerDn != null) {
contextSource.setUserDn(managerDn);
if (managerPassword == null) {
if (this.managerDn != null) {
contextSource.setUserDn(this.managerDn);
if (this.managerPassword == null) {
throw new IllegalStateException("managerPassword is required if managerDn is supplied");
}
contextSource.setPassword(managerPassword);
contextSource.setPassword(this.managerPassword);
}
contextSource = postProcess(contextSource);
return contextSource;
@ -570,10 +570,10 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
}
private int getPort() {
if (port == null) {
port = getDefaultPort();
if (this.port == null) {
this.port = getDefaultPort();
}
return port;
return this.port;
}
private int getDefaultPort() {
@ -586,10 +586,10 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
}
private String getProviderUrl() {
if (url == null) {
return "ldap://127.0.0.1:" + getPort() + "/" + root;
if (this.url == null) {
return "ldap://127.0.0.1:" + getPort() + "/" + this.root;
}
return url;
return this.url;
}
private ContextSourceBuilder() {
@ -598,10 +598,10 @@ public class LdapAuthenticationProviderConfigurer<B extends ProviderManagerBuild
}
private BaseLdapPathContextSource getContextSource() throws Exception {
if (contextSource == null) {
contextSource = contextSourceBuilder.build();
if (this.contextSource == null) {
this.contextSource = this.contextSourceBuilder.build();
}
return contextSource;
return this.contextSource;
}
/**

6
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/JdbcUserDetailsManagerConfigurer.java
View File

@ -150,7 +150,7 @@ public class JdbcUserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B
@Override
protected void initUserDetailsService() throws Exception {
if (!initScripts.isEmpty()) {
if (!this.initScripts.isEmpty()) {
getDataSourceInit().afterPropertiesSet();
}
super.initUserDetailsService();
@ -173,14 +173,14 @@ public class JdbcUserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B
protected DatabasePopulator getDatabasePopulator() {
ResourceDatabasePopulator dbp = new ResourceDatabasePopulator();
dbp.setScripts(initScripts.toArray(new Resource[0]));
dbp.setScripts(this.initScripts.toArray(new Resource[0]));
return dbp;
}
private DataSourceInitializer getDataSourceInit() {
DataSourceInitializer dsi = new DataSourceInitializer();
dsi.setDatabasePopulator(getDatabasePopulator());
dsi.setDataSource(dataSource);
dsi.setDataSource(this.dataSource);
return dsi;
}

4
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/provisioning/UserDetailsManagerConfigurer.java
View File

@ -54,7 +54,7 @@ public class UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>, C
*/
@Override
protected void initUserDetailsService() throws Exception {
for (UserDetailsBuilder userBuilder : userBuilders) {
for (UserDetailsBuilder userBuilder : this.userBuilders) {
getUserDetailsService().createUser(userBuilder.build());
}
for (UserDetails userDetails : this.users) {
@ -124,7 +124,7 @@ public class UserDetailsManagerConfigurer<B extends ProviderManagerBuilder<B>, C
* @return the {@link UserDetailsManagerConfigurer} for method chaining
*/
public C and() {
return builder;
return this.builder;
}
/**

12
config/src/main/java/org/springframework/security/config/annotation/authentication/configurers/userdetails/AbstractDaoAuthenticationConfigurer.java
View File

@ -45,7 +45,7 @@ abstract class AbstractDaoAuthenticationConfigurer<B extends ProviderManagerBuil
*/
protected AbstractDaoAuthenticationConfigurer(U userDetailsService) {
this.userDetailsService = userDetailsService;
provider.setUserDetailsService(userDetailsService);
this.provider.setUserDetailsService(userDetailsService);
if (userDetailsService instanceof UserDetailsPasswordService) {
this.provider.setUserDetailsPasswordService((UserDetailsPasswordService) userDetailsService);
}
@ -70,19 +70,19 @@ abstract class AbstractDaoAuthenticationConfigurer<B extends ProviderManagerBuil
*/
@SuppressWarnings("unchecked")
public C passwordEncoder(PasswordEncoder passwordEncoder) {
provider.setPasswordEncoder(passwordEncoder);
this.provider.setPasswordEncoder(passwordEncoder);
return (C) this;
}
public C userDetailsPasswordManager(UserDetailsPasswordService passwordManager) {
provider.setUserDetailsPasswordService(passwordManager);
this.provider.setUserDetailsPasswordService(passwordManager);
return (C) this;
}
@Override
public void configure(B builder) throws Exception {
provider = postProcess(provider);
builder.authenticationProvider(provider);
this.provider = postProcess(this.provider);
builder.authenticationProvider(this.provider);
}
/**
@ -92,7 +92,7 @@ abstract class AbstractDaoAuthenticationConfigurer<B extends ProviderManagerBuil
* {@link DaoAuthenticationProvider}
*/
public U getUserDetailsService() {
return userDetailsService;
return this.userDetailsService;
}
}

2
config/src/main/java/org/springframework/security/config/annotation/configuration/AutowireBeanFactoryObjectPostProcessor.java
View File

@ -91,7 +91,7 @@ final class AutowireBeanFactoryObjectPostProcessor
*/
@Override
public void afterSingletonsInstantiated() {
for (SmartInitializingSingleton singleton : smartSingletons) {
for (SmartInitializingSingleton singleton : this.smartSingletons) {
singleton.afterSingletonsInstantiated();
}
}

44
config/src/main/java/org/springframework/security/config/annotation/method/configuration/GlobalMethodSecurityConfiguration.java
View File

@ -136,12 +136,12 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
public MethodInterceptor methodSecurityInterceptor(MethodSecurityMetadataSource methodSecurityMetadataSource) {
this.methodSecurityInterceptor = isAspectJ() ? new AspectJMethodSecurityInterceptor()
: new MethodSecurityInterceptor();
methodSecurityInterceptor.setAccessDecisionManager(accessDecisionManager());
methodSecurityInterceptor.setAfterInvocationManager(afterInvocationManager());
methodSecurityInterceptor.setSecurityMetadataSource(methodSecurityMetadataSource);
this.methodSecurityInterceptor.setAccessDecisionManager(accessDecisionManager());
this.methodSecurityInterceptor.setAfterInvocationManager(afterInvocationManager());
this.methodSecurityInterceptor.setSecurityMetadataSource(methodSecurityMetadataSource);
RunAsManager runAsManager = runAsManager();
if (runAsManager != null) {
methodSecurityInterceptor.setRunAsManager(runAsManager);
this.methodSecurityInterceptor.setRunAsManager(runAsManager);
}
return this.methodSecurityInterceptor;
@ -185,7 +185,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
private <T> T getSingleBeanOrNull(Class<T> type) {
try {
return context.getBean(type);
return this.context.getBean(type);
}
catch (NoSuchBeanDefinitionException e) {
}
@ -279,7 +279,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
* @return the {@link MethodSecurityExpressionHandler} to use
*/
protected MethodSecurityExpressionHandler createExpressionHandler() {
return defaultMethodExpressionHandler;
return this.defaultMethodExpressionHandler;
}
/**
@ -288,10 +288,10 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
* @return a non {@code null} {@link MethodSecurityExpressionHandler}
*/
protected final MethodSecurityExpressionHandler getExpressionHandler() {
if (expressionHandler == null) {
expressionHandler = createExpressionHandler();
if (this.expressionHandler == null) {
this.expressionHandler = createExpressionHandler();
}
return expressionHandler;
return this.expressionHandler;
}
/**
@ -313,20 +313,20 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
* @return the {@link AuthenticationManager} to use
*/
protected AuthenticationManager authenticationManager() throws Exception {
if (authenticationManager == null) {
DefaultAuthenticationEventPublisher eventPublisher = objectPostProcessor
if (this.authenticationManager == null) {
DefaultAuthenticationEventPublisher eventPublisher = this.objectPostProcessor
.postProcess(new DefaultAuthenticationEventPublisher());
auth = new AuthenticationManagerBuilder(objectPostProcessor);
auth.authenticationEventPublisher(eventPublisher);
configure(auth);
if (disableAuthenticationRegistry) {
authenticationManager = getAuthenticationConfiguration().getAuthenticationManager();
this.auth = new AuthenticationManagerBuilder(this.objectPostProcessor);
this.auth.authenticationEventPublisher(eventPublisher);
configure(this.auth);
if (this.disableAuthenticationRegistry) {
this.authenticationManager = getAuthenticationConfiguration().getAuthenticationManager();
}
else {
authenticationManager = auth.build();
this.authenticationManager = this.auth.build();
}
}
return authenticationManager;
return this.authenticationManager;
}
/**
@ -405,13 +405,13 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
public final void setImportMetadata(AnnotationMetadata importMetadata) {
Map<String, Object> annotationAttributes = importMetadata
.getAnnotationAttributes(EnableGlobalMethodSecurity.class.getName());
enableMethodSecurity = AnnotationAttributes.fromMap(annotationAttributes);
this.enableMethodSecurity = AnnotationAttributes.fromMap(annotationAttributes);
}
@Autowired(required = false)
public void setObjectPostProcessor(ObjectPostProcessor<Object> objectPostProcessor) {
this.objectPostProcessor = objectPostProcessor;
this.defaultMethodExpressionHandler = objectPostProcessor.postProcess(defaultMethodExpressionHandler);
this.defaultMethodExpressionHandler = objectPostProcessor.postProcess(this.defaultMethodExpressionHandler);
}
@Autowired(required = false)
@ -429,7 +429,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
}
private AuthenticationConfiguration getAuthenticationConfiguration() {
return context.getBean(AuthenticationConfiguration.class);
return this.context.getBean(AuthenticationConfiguration.class);
}
private boolean prePostEnabled() {
@ -453,7 +453,7 @@ public class GlobalMethodSecurityConfiguration implements ImportAware, SmartInit
}
private AnnotationAttributes enableMethodSecurity() {
if (enableMethodSecurity == null) {
if (this.enableMethodSecurity == null) {
// if it is null look at this instance (i.e. a subclass was used)
EnableGlobalMethodSecurity methodSecurityAnnotation = AnnotationUtils.findAnnotation(getClass(),
EnableGlobalMethodSecurity.class);

2
config/src/main/java/org/springframework/security/config/annotation/method/configuration/ReactiveMethodSecurityConfiguration.java
View File

@ -54,7 +54,7 @@ class ReactiveMethodSecurityConfiguration implements ImportAware {
public MethodSecurityMetadataSourceAdvisor methodSecurityInterceptor(AbstractMethodSecurityMetadataSource source) {
MethodSecurityMetadataSourceAdvisor advisor = new MethodSecurityMetadataSourceAdvisor(
"securityMethodInterceptor", source, "methodMetadataSource");
advisor.setOrder(advisorOrder);
advisor.setOrder(this.advisorOrder);
return advisor;
}

22
config/src/main/java/org/springframework/security/config/annotation/web/builders/FilterComparator.java
View File

@ -74,27 +74,29 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
put(CorsFilter.class, order.next());
put(CsrfFilter.class, order.next());
put(LogoutFilter.class, order.next());
filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter",
this.filterToOrder.put(
"org.springframework.security.oauth2.client.web.OAuth2AuthorizationRequestRedirectFilter",
order.next());
filterToOrder.put(
this.filterToOrder.put(
"org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationRequestFilter",
order.next());
put(X509AuthenticationFilter.class, order.next());
put(AbstractPreAuthenticatedProcessingFilter.class, order.next());
filterToOrder.put("org.springframework.security.cas.web.CasAuthenticationFilter", order.next());
filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter",
this.filterToOrder.put("org.springframework.security.cas.web.CasAuthenticationFilter", order.next());
this.filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2LoginAuthenticationFilter",
order.next());
filterToOrder.put(
this.filterToOrder.put(
"org.springframework.security.saml2.provider.service.servlet.filter.Saml2WebSsoAuthenticationFilter",
order.next());
put(UsernamePasswordAuthenticationFilter.class, order.next());
order.next(); // gh-8105
filterToOrder.put("org.springframework.security.openid.OpenIDAuthenticationFilter", order.next());
this.filterToOrder.put("org.springframework.security.openid.OpenIDAuthenticationFilter", order.next());
put(DefaultLoginPageGeneratingFilter.class, order.next());
put(DefaultLogoutPageGeneratingFilter.class, order.next());
put(ConcurrentSessionFilter.class, order.next());
put(DigestAuthenticationFilter.class, order.next());
filterToOrder.put("org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter",
this.filterToOrder.put(
"org.springframework.security.oauth2.server.resource.web.BearerTokenAuthenticationFilter",
order.next());
put(BasicAuthenticationFilter.class, order.next());
put(RequestCacheAwareFilter.class, order.next());
@ -102,7 +104,7 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
put(JaasApiIntegrationFilter.class, order.next());
put(RememberMeAuthenticationFilter.class, order.next());
put(AnonymousAuthenticationFilter.class, order.next());
filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter",
this.filterToOrder.put("org.springframework.security.oauth2.client.web.OAuth2AuthorizationCodeGrantFilter",
order.next());
put(SessionManagementFilter.class, order.next());
put(ExceptionTranslationFilter.class, order.next());
@ -174,7 +176,7 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
private void put(Class<? extends Filter> filter, int position) {
String className = filter.getName();
filterToOrder.put(className, position);
this.filterToOrder.put(className, position);
}
/**
@ -185,7 +187,7 @@ final class FilterComparator implements Comparator<Filter>, Serializable {
*/
private Integer getOrder(Class<?> clazz) {
while (clazz != null) {
Integer result = filterToOrder.get(clazz.getName());
Integer result = this.filterToOrder.get(clazz.getName());
if (result != null) {
return result;
}

14
config/src/main/java/org/springframework/security/config/annotation/web/builders/HttpSecurity.java
View File

@ -2518,8 +2518,8 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
@Override
protected DefaultSecurityFilterChain performBuild() {
filters.sort(comparator);
return new DefaultSecurityFilterChain(requestMatcher, filters);
this.filters.sort(this.comparator);
return new DefaultSecurityFilterChain(this.requestMatcher, this.filters);
}
/*
@ -2557,7 +2557,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* addFilterAfter(javax .servlet.Filter, java.lang.Class)
*/
public HttpSecurity addFilterAfter(Filter filter, Class<? extends Filter> afterFilter) {
comparator.registerAfter(filter.getClass(), afterFilter);
this.comparator.registerAfter(filter.getClass(), afterFilter);
return addFilter(filter);
}
@ -2568,7 +2568,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* addFilterBefore( javax.servlet.Filter, java.lang.Class)
*/
public HttpSecurity addFilterBefore(Filter filter, Class<? extends Filter> beforeFilter) {
comparator.registerBefore(filter.getClass(), beforeFilter);
this.comparator.registerBefore(filter.getClass(), beforeFilter);
return addFilter(filter);
}
@ -2581,7 +2581,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
*/
public HttpSecurity addFilter(Filter filter) {
Class<? extends Filter> filterClass = filter.getClass();
if (!comparator.isRegistered(filterClass)) {
if (!this.comparator.isRegistered(filterClass)) {
throw new IllegalArgumentException("The Filter class " + filterClass.getName()
+ " does not have a registered order and cannot be added without a specified order. Consider using addFilterBefore or addFilterAfter instead.");
}
@ -2720,7 +2720,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @return the {@link RequestMatcherConfigurer} for further customizations
*/
public RequestMatcherConfigurer requestMatchers() {
return requestMatcherConfigurer;
return this.requestMatcherConfigurer;
}
/**
@ -2819,7 +2819,7 @@ public final class HttpSecurity extends AbstractConfiguredSecurityBuilder<Defaul
* @return the {@link HttpSecurity} for further customizations
*/
public HttpSecurity requestMatchers(Customizer<RequestMatcherConfigurer> requestMatcherCustomizer) {
requestMatcherCustomizer.customize(requestMatcherConfigurer);
requestMatcherCustomizer.customize(this.requestMatcherConfigurer);
return HttpSecurity.this;
}

36
config/src/main/java/org/springframework/security/config/annotation/web/builders/WebSecurity.java
View File

@ -101,7 +101,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
private DefaultWebSecurityExpressionHandler defaultWebSecurityExpressionHandler = new DefaultWebSecurityExpressionHandler();
private SecurityExpressionHandler<FilterInvocation> expressionHandler = defaultWebSecurityExpressionHandler;
private SecurityExpressionHandler<FilterInvocation> expressionHandler = this.defaultWebSecurityExpressionHandler;
private Runnable postBuildAction = () -> {
};
@ -156,7 +156,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
* should be ignored
*/
public IgnoredRequestConfigurer ignoring() {
return ignoredRequestRegistry;
return this.ignoredRequestRegistry;
}
/**
@ -230,7 +230,7 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
* @return the {@link SecurityExpressionHandler} for further customizations
*/
public SecurityExpressionHandler<FilterInvocation> getExpressionHandler() {
return expressionHandler;
return this.expressionHandler;
}
/**
@ -238,11 +238,11 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
* @return the {@link WebInvocationPrivilegeEvaluator} for further customizations
*/
public WebInvocationPrivilegeEvaluator getPrivilegeEvaluator() {
if (privilegeEvaluator != null) {
return privilegeEvaluator;
if (this.privilegeEvaluator != null) {
return this.privilegeEvaluator;
}
return filterSecurityInterceptor == null ? null
: new DefaultWebInvocationPrivilegeEvaluator(filterSecurityInterceptor);
return this.filterSecurityInterceptor == null ? null
: new DefaultWebInvocationPrivilegeEvaluator(this.filterSecurityInterceptor);
}
/**
@ -268,39 +268,39 @@ public final class WebSecurity extends AbstractConfiguredSecurityBuilder<Filter,
@Override
protected Filter performBuild() throws Exception {
Assert.state(!securityFilterChainBuilders.isEmpty(),
Assert.state(!this.securityFilterChainBuilders.isEmpty(),
() -> "At least one SecurityBuilder<? extends SecurityFilterChain> needs to be specified. "
+ "Typically this is done by exposing a SecurityFilterChain bean "
+ "or by adding a @Configuration that extends WebSecurityConfigurerAdapter. "
+ "More advanced users can invoke " + WebSecurity.class.getSimpleName()
+ ".addSecurityFilterChainBuilder directly");
int chainSize = ignoredRequests.size() + securityFilterChainBuilders.size();
int chainSize = this.ignoredRequests.size() + this.securityFilterChainBuilders.size();
List<SecurityFilterChain> securityFilterChains = new ArrayList<>(chainSize);
for (RequestMatcher ignoredRequest : ignoredRequests) {
for (RequestMatcher ignoredRequest : this.ignoredRequests) {
securityFilterChains.add(new DefaultSecurityFilterChain(ignoredRequest));
}
for (SecurityBuilder<? extends SecurityFilterChain> securityFilterChainBuilder : securityFilterChainBuilders) {
for (SecurityBuilder<? extends SecurityFilterChain> securityFilterChainBuilder : this.securityFilterChainBuilders) {
securityFilterChains.add(securityFilterChainBuilder.build());
}
FilterChainProxy filterChainProxy = new FilterChainProxy(securityFilterChains);
if (httpFirewall != null) {
filterChainProxy.setFirewall(httpFirewall);
if (this.httpFirewall != null) {
filterChainProxy.setFirewall(this.httpFirewall);
}
if (requestRejectedHandler != null) {
filterChainProxy.setRequestRejectedHandler(requestRejectedHandler);
if (this.requestRejectedHandler != null) {
filterChainProxy.setRequestRejectedHandler(this.requestRejectedHandler);
}
filterChainProxy.afterPropertiesSet();
Filter result = filterChainProxy;
if (debugEnabled) {
logger.warn("\n\n" + "********************************************************************\n"
if (this.debugEnabled) {
this.logger.warn("\n\n" + "********************************************************************\n"
+ "********** Security debugging is enabled. *************\n"
+ "********** This may include sensitive information. *************\n"
+ "********** Do not use in a production system! *************\n"
+ "********************************************************************\n\n");
result = new DebugFilter(filterChainProxy);
}
postBuildAction.run();
this.postBuildAction.run();
return result;
}

2
config/src/main/java/org/springframework/security/config/annotation/web/configuration/AutowiredWebSecurityConfigurersIgnoreParents.java
View File

@ -48,7 +48,7 @@ final class AutowiredWebSecurityConfigurersIgnoreParents {
@SuppressWarnings({ "rawtypes", "unchecked" })
public List<SecurityConfigurer<Filter, WebSecurity>> getWebSecurityConfigurers() {
List<SecurityConfigurer<Filter, WebSecurity>> webSecurityConfigurers = new ArrayList<>();
Map<String, WebSecurityConfigurer> beansOfType = beanFactory.getBeansOfType(WebSecurityConfigurer.class);
Map<String, WebSecurityConfigurer> beansOfType = this.beanFactory.getBeansOfType(WebSecurityConfigurer.class);
for (Entry<String, WebSecurityConfigurer> entry : beansOfType.entrySet()) {
webSecurityConfigurers.add(entry.getValue());
}

4
config/src/main/java/org/springframework/security/config/annotation/web/configuration/HttpSecurityConfiguration.java
View File

@ -85,7 +85,7 @@ class HttpSecurityConfiguration {
this.objectPostProcessor, passwordEncoder);
authenticationBuilder.parentAuthenticationManager(authenticationManager());
HttpSecurity http = new HttpSecurity(objectPostProcessor, authenticationBuilder, createSharedObjects());
HttpSecurity http = new HttpSecurity(this.objectPostProcessor, authenticationBuilder, createSharedObjects());
http.csrf(withDefaults()).addFilter(new WebAsyncManagerIntegrationFilter()).exceptionHandling(withDefaults())
.headers(withDefaults()).sessionManagement(withDefaults()).securityContext(withDefaults())
.requestCache(withDefaults()).anonymous(withDefaults()).servletApi(withDefaults())
@ -105,7 +105,7 @@ class HttpSecurityConfiguration {
private Map<Class<?>, Object> createSharedObjects() {
Map<Class<?>, Object> sharedObjects = new HashMap<>();
sharedObjects.put(ApplicationContext.class, context);
sharedObjects.put(ApplicationContext.class, this.context);
return sharedObjects;
}

4
config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebMvcSecurityConfiguration.java
View File

@ -53,13 +53,13 @@ class WebMvcSecurityConfiguration implements WebMvcConfigurer, ApplicationContex
@SuppressWarnings("deprecation")
public void addArgumentResolvers(List<HandlerMethodArgumentResolver> argumentResolvers) {
AuthenticationPrincipalArgumentResolver authenticationPrincipalResolver = new AuthenticationPrincipalArgumentResolver();
authenticationPrincipalResolver.setBeanResolver(beanResolver);
authenticationPrincipalResolver.setBeanResolver(this.beanResolver);
argumentResolvers.add(authenticationPrincipalResolver);
argumentResolvers
.add(new org.springframework.security.web.bind.support.AuthenticationPrincipalArgumentResolver());
CurrentSecurityContextArgumentResolver currentSecurityContextArgumentResolver = new CurrentSecurityContextArgumentResolver();
currentSecurityContextArgumentResolver.setBeanResolver(beanResolver);
currentSecurityContextArgumentResolver.setBeanResolver(this.beanResolver);
argumentResolvers.add(currentSecurityContextArgumentResolver);
argumentResolvers.add(new CsrfTokenArgumentResolver());
}

34
config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfiguration.java
View File

@ -88,7 +88,7 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
@Bean
@DependsOn(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME)
public SecurityExpressionHandler<FilterInvocation> webSecurityExpressionHandler() {
return webSecurity.getExpressionHandler();
return this.webSecurity.getExpressionHandler();
}
/**
@ -98,28 +98,28 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
*/
@Bean(name = AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME)
public Filter springSecurityFilterChain() throws Exception {
boolean hasConfigurers = webSecurityConfigurers != null && !webSecurityConfigurers.isEmpty();
boolean hasFilterChain = !securityFilterChains.isEmpty();
boolean hasConfigurers = this.webSecurityConfigurers != null && !this.webSecurityConfigurers.isEmpty();
boolean hasFilterChain = !this.securityFilterChains.isEmpty();
if (hasConfigurers && hasFilterChain) {
throw new IllegalStateException(
"Found WebSecurityConfigurerAdapter as well as SecurityFilterChain." + "Please select just one.");
}
if (!hasConfigurers && !hasFilterChain) {
WebSecurityConfigurerAdapter adapter = objectObjectPostProcessor
WebSecurityConfigurerAdapter adapter = this.objectObjectPostProcessor
.postProcess(new WebSecurityConfigurerAdapter() {
});
webSecurity.apply(adapter);
this.webSecurity.apply(adapter);
}
for (SecurityFilterChain securityFilterChain : securityFilterChains) {
webSecurity.addSecurityFilterChainBuilder(() -> securityFilterChain);
for (SecurityFilterChain securityFilterChain : this.securityFilterChains) {
this.webSecurity.addSecurityFilterChainBuilder(() -> securityFilterChain);
for (Filter filter : securityFilterChain.getFilters()) {
if (filter instanceof FilterSecurityInterceptor) {
webSecurity.securityInterceptor((FilterSecurityInterceptor) filter);
this.webSecurity.securityInterceptor((FilterSecurityInterceptor) filter);
break;
}
}
}
return webSecurity.build();
return this.webSecurity.build();
}
/**
@ -130,7 +130,7 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
@Bean
@DependsOn(AbstractSecurityWebApplicationInitializer.DEFAULT_FILTER_NAME)
public WebInvocationPrivilegeEvaluator privilegeEvaluator() {
return webSecurity.getPrivilegeEvaluator();
return this.webSecurity.getPrivilegeEvaluator();
}
/**
@ -147,9 +147,9 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
public void setFilterChainProxySecurityConfigurer(ObjectPostProcessor<Object> objectPostProcessor,
@Value("#{@autowiredWebSecurityConfigurersIgnoreParents.getWebSecurityConfigurers()}") List<SecurityConfigurer<Filter, WebSecurity>> webSecurityConfigurers)
throws Exception {
webSecurity = objectPostProcessor.postProcess(new WebSecurity(objectPostProcessor));
if (debugEnabled != null) {
webSecurity.debug(debugEnabled);
this.webSecurity = objectPostProcessor.postProcess(new WebSecurity(objectPostProcessor));
if (this.debugEnabled != null) {
this.webSecurity.debug(this.debugEnabled);
}
webSecurityConfigurers.sort(AnnotationAwareOrderComparator.INSTANCE);
@ -166,7 +166,7 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
previousConfig = config;
}
for (SecurityConfigurer<Filter, WebSecurity> webSecurityConfigurer : webSecurityConfigurers) {
webSecurity.apply(webSecurityConfigurer);
this.webSecurity.apply(webSecurityConfigurer);
}
this.webSecurityConfigurers = webSecurityConfigurers;
}
@ -231,9 +231,9 @@ public class WebSecurityConfiguration implements ImportAware, BeanClassLoaderAwa
Map<String, Object> enableWebSecurityAttrMap = importMetadata
.getAnnotationAttributes(EnableWebSecurity.class.getName());
AnnotationAttributes enableWebSecurityAttrs = AnnotationAttributes.fromMap(enableWebSecurityAttrMap);
debugEnabled = enableWebSecurityAttrs.getBoolean("debug");
if (webSecurity != null) {
webSecurity.debug(debugEnabled);
this.debugEnabled = enableWebSecurityAttrs.getBoolean("debug");
if (this.webSecurity != null) {
this.webSecurity.debug(this.debugEnabled);
}
}

98
config/src/main/java/org/springframework/security/config/annotation/web/configuration/WebSecurityConfigurerAdapter.java
View File

@ -195,21 +195,21 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
*/
@SuppressWarnings({ "rawtypes", "unchecked" })
protected final HttpSecurity getHttp() throws Exception {
if (http != null) {
return http;
if (this.http != null) {
return this.http;
}
AuthenticationEventPublisher eventPublisher = getAuthenticationEventPublisher();
localConfigureAuthenticationBldr.authenticationEventPublisher(eventPublisher);
this.localConfigureAuthenticationBldr.authenticationEventPublisher(eventPublisher);
AuthenticationManager authenticationManager = authenticationManager();
authenticationBuilder.parentAuthenticationManager(authenticationManager);
this.authenticationBuilder.parentAuthenticationManager(authenticationManager);
Map<Class<?>, Object> sharedObjects = createSharedObjects();
http = new HttpSecurity(objectPostProcessor, authenticationBuilder, sharedObjects);
if (!disableDefaults) {
this.http = new HttpSecurity(this.objectPostProcessor, this.authenticationBuilder, sharedObjects);
if (!this.disableDefaults) {
// @formatter:off
http
this.http
.csrf().and()
.addFilter(new WebAsyncManagerIntegrationFilter())
.exceptionHandling().and()
@ -227,11 +227,11 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
.loadFactories(AbstractHttpConfigurer.class, classLoader);
for (AbstractHttpConfigurer configurer : defaultHttpConfigurers) {
http.apply(configurer);
this.http.apply(configurer);
}
}
configure(http);
return http;
configure(this.http);
return this.http;
}
/**
@ -250,7 +250,7 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
* @throws Exception
*/
public AuthenticationManager authenticationManagerBean() throws Exception {
return new AuthenticationManagerDelegator(authenticationBuilder, context);
return new AuthenticationManagerDelegator(this.authenticationBuilder, this.context);
}
/**
@ -262,17 +262,17 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
* @throws Exception
*/
protected AuthenticationManager authenticationManager() throws Exception {
if (!authenticationManagerInitialized) {
configure(localConfigureAuthenticationBldr);
if (disableLocalConfigureAuthenticationBldr) {
authenticationManager = authenticationConfiguration.getAuthenticationManager();
if (!this.authenticationManagerInitialized) {
configure(this.localConfigureAuthenticationBldr);
if (this.disableLocalConfigureAuthenticationBldr) {
this.authenticationManager = this.authenticationConfiguration.getAuthenticationManager();
}
else {
authenticationManager = localConfigureAuthenticationBldr.build();
this.authenticationManager = this.localConfigureAuthenticationBldr.build();
}
authenticationManagerInitialized = true;
this.authenticationManagerInitialized = true;
}
return authenticationManager;
return this.authenticationManager;
}
/**
@ -296,8 +296,8 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
* @see #userDetailsService()
*/
public UserDetailsService userDetailsServiceBean() throws Exception {
AuthenticationManagerBuilder globalAuthBuilder = context.getBean(AuthenticationManagerBuilder.class);
return new UserDetailsServiceDelegator(Arrays.asList(localConfigureAuthenticationBldr, globalAuthBuilder));
AuthenticationManagerBuilder globalAuthBuilder = this.context.getBean(AuthenticationManagerBuilder.class);
return new UserDetailsServiceDelegator(Arrays.asList(this.localConfigureAuthenticationBldr, globalAuthBuilder));
}
/**
@ -308,8 +308,8 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
* @return the {@link UserDetailsService} to use
*/
protected UserDetailsService userDetailsService() {
AuthenticationManagerBuilder globalAuthBuilder = context.getBean(AuthenticationManagerBuilder.class);
return new UserDetailsServiceDelegator(Arrays.asList(localConfigureAuthenticationBldr, globalAuthBuilder));
AuthenticationManagerBuilder globalAuthBuilder = this.context.getBean(AuthenticationManagerBuilder.class);
return new UserDetailsServiceDelegator(Arrays.asList(this.localConfigureAuthenticationBldr, globalAuthBuilder));
}
public void init(final WebSecurity web) throws Exception {
@ -350,7 +350,7 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
* @throws Exception if an error occurs
*/
protected void configure(HttpSecurity http) throws Exception {
logger.debug(
this.logger.debug(
"Using default configure(HttpSecurity). If subclassed this will potentially override subclass configure(HttpSecurity).");
// @formatter:off
@ -378,20 +378,20 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
ObjectPostProcessor<Object> objectPostProcessor = context.getBean(ObjectPostProcessor.class);
LazyPasswordEncoder passwordEncoder = new LazyPasswordEncoder(context);
authenticationBuilder = new DefaultPasswordEncoderAuthenticationManagerBuilder(objectPostProcessor,
this.authenticationBuilder = new DefaultPasswordEncoderAuthenticationManagerBuilder(objectPostProcessor,
passwordEncoder);
localConfigureAuthenticationBldr = new DefaultPasswordEncoderAuthenticationManagerBuilder(objectPostProcessor,
passwordEncoder) {
this.localConfigureAuthenticationBldr = new DefaultPasswordEncoderAuthenticationManagerBuilder(
objectPostProcessor, passwordEncoder) {
@Override
public AuthenticationManagerBuilder eraseCredentials(boolean eraseCredentials) {
authenticationBuilder.eraseCredentials(eraseCredentials);
WebSecurityConfigurerAdapter.this.authenticationBuilder.eraseCredentials(eraseCredentials);
return super.eraseCredentials(eraseCredentials);
}
@Override
public AuthenticationManagerBuilder authenticationEventPublisher(
AuthenticationEventPublisher eventPublisher) {
authenticationBuilder.authenticationEventPublisher(eventPublisher);
WebSecurityConfigurerAdapter.this.authenticationBuilder.authenticationEventPublisher(eventPublisher);
return super.authenticationEventPublisher(eventPublisher);
}
};
@ -430,11 +430,11 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
*/
private Map<Class<?>, Object> createSharedObjects() {
Map<Class<?>, Object> sharedObjects = new HashMap<>();
sharedObjects.putAll(localConfigureAuthenticationBldr.getSharedObjects());
sharedObjects.putAll(this.localConfigureAuthenticationBldr.getSharedObjects());
sharedObjects.put(UserDetailsService.class, userDetailsService());
sharedObjects.put(ApplicationContext.class, context);
sharedObjects.put(ContentNegotiationStrategy.class, contentNegotiationStrategy);
sharedObjects.put(AuthenticationTrustResolver.class, trustResolver);
sharedObjects.put(ApplicationContext.class, this.context);
sharedObjects.put(ContentNegotiationStrategy.class, this.contentNegotiationStrategy);
sharedObjects.put(AuthenticationTrustResolver.class, this.trustResolver);
return sharedObjects;
}
@ -462,27 +462,27 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
}
public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
if (delegate != null) {
return delegate.loadUserByUsername(username);
if (this.delegate != null) {
return this.delegate.loadUserByUsername(username);
}
synchronized (delegateMonitor) {
if (delegate == null) {
for (AuthenticationManagerBuilder delegateBuilder : delegateBuilders) {
delegate = delegateBuilder.getDefaultUserDetailsService();
if (delegate != null) {
synchronized (this.delegateMonitor) {
if (this.delegate == null) {
for (AuthenticationManagerBuilder delegateBuilder : this.delegateBuilders) {
this.delegate = delegateBuilder.getDefaultUserDetailsService();
if (this.delegate != null) {
break;
}
}
if (delegate == null) {
if (this.delegate == null) {
throw new IllegalStateException("UserDetailsService is required.");
}
this.delegateBuilders = null;
}
}
return delegate.loadUserByUsername(username);
return this.delegate.loadUserByUsername(username);
}
}
@ -509,24 +509,24 @@ public abstract class WebSecurityConfigurerAdapter implements WebSecurityConfigu
Field parentAuthMgrField = ReflectionUtils.findField(AuthenticationManagerBuilder.class,
"parentAuthenticationManager");
ReflectionUtils.makeAccessible(parentAuthMgrField);
beanNames = getAuthenticationManagerBeanNames(context);
validateBeanCycle(ReflectionUtils.getField(parentAuthMgrField, delegateBuilder), beanNames);
this.beanNames = getAuthenticationManagerBeanNames(context);
validateBeanCycle(ReflectionUtils.getField(parentAuthMgrField, delegateBuilder), this.beanNames);
this.delegateBuilder = delegateBuilder;
}
public Authentication authenticate(Authentication authentication) throws AuthenticationException {
if (delegate != null) {
return delegate.authenticate(authentication);
if (this.delegate != null) {
return this.delegate.authenticate(authentication);
}
synchronized (delegateMonitor) {
if (delegate == null) {
delegate = this.delegateBuilder.getObject();
synchronized (this.delegateMonitor) {
if (this.delegate == null) {
this.delegate = this.delegateBuilder.getObject();
this.delegateBuilder = null;
}
}
return delegate.authenticate(authentication);
return this.delegate.authenticate(authentication);
}
private static Set<String> getAuthenticationManagerBeanNames(ApplicationContext applicationContext) {

46
config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractAuthenticationFilterConfigurer.java
View File

@ -141,7 +141,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
*/
public T loginProcessingUrl(String loginProcessingUrl) {
this.loginProcessingUrl = loginProcessingUrl;
authFilter.setRequiresAuthenticationRequestMatcher(createLoginProcessingUrlMatcher(loginProcessingUrl));
this.authFilter.setRequiresAuthenticationRequestMatcher(createLoginProcessingUrlMatcher(loginProcessingUrl));
return getSelf();
}
@ -268,7 +268,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
public void configure(B http) throws Exception {
PortMapper portMapper = http.getSharedObject(PortMapper.class);
if (portMapper != null) {
authenticationEntryPoint.setPortMapper(portMapper);
this.authenticationEntryPoint.setPortMapper(portMapper);
}
RequestCache requestCache = http.getSharedObject(RequestCache.class);
@ -276,22 +276,22 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
this.defaultSuccessHandler.setRequestCache(requestCache);
}
authFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
authFilter.setAuthenticationSuccessHandler(successHandler);
authFilter.setAuthenticationFailureHandler(failureHandler);
if (authenticationDetailsSource != null) {
authFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
this.authFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
this.authFilter.setAuthenticationSuccessHandler(this.successHandler);
this.authFilter.setAuthenticationFailureHandler(this.failureHandler);
if (this.authenticationDetailsSource != null) {
this.authFilter.setAuthenticationDetailsSource(this.authenticationDetailsSource);
}
SessionAuthenticationStrategy sessionAuthenticationStrategy = http
.getSharedObject(SessionAuthenticationStrategy.class);
if (sessionAuthenticationStrategy != null) {
authFilter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy);
this.authFilter.setSessionAuthenticationStrategy(sessionAuthenticationStrategy);
}
RememberMeServices rememberMeServices = http.getSharedObject(RememberMeServices.class);
if (rememberMeServices != null) {
authFilter.setRememberMeServices(rememberMeServices);
this.authFilter.setRememberMeServices(rememberMeServices);
}
F filter = postProcess(authFilter);
F filter = postProcess(this.authFilter);
http.addFilter(filter);
}
@ -319,7 +319,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* @return true if a custom login page has been specified, else false
*/
public final boolean isCustomLoginPage() {
return customLoginPage;
return this.customLoginPage;
}
/**
@ -327,7 +327,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* @return the Authentication Filter
*/
protected final F getAuthenticationFilter() {
return authFilter;
return this.authFilter;
}
/**
@ -343,7 +343,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* @return the login page
*/
protected final String getLoginPage() {
return loginPage;
return this.loginPage;
}
/**
@ -351,7 +351,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* @return the Authentication Entry Point
*/
protected final AuthenticationEntryPoint getAuthenticationEntryPoint() {
return authenticationEntryPoint;
return this.authenticationEntryPoint;
}
/**
@ -360,7 +360,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* @return the URL to submit an authentication request to
*/
protected final String getLoginProcessingUrl() {
return loginProcessingUrl;
return this.loginProcessingUrl;
}
/**
@ -368,7 +368,7 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* @return the URL to send users if authentication fails (e.g. "/login?error").
*/
protected final String getFailureUrl() {
return failureUrl;
return this.failureUrl;
}
/**
@ -376,16 +376,16 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* @throws Exception
*/
protected final void updateAuthenticationDefaults() {
if (loginProcessingUrl == null) {
loginProcessingUrl(loginPage);
if (this.loginProcessingUrl == null) {
loginProcessingUrl(this.loginPage);
}
if (failureHandler == null) {
failureUrl(loginPage + "?error");
if (this.failureHandler == null) {
failureUrl(this.loginPage + "?error");
}
final LogoutConfigurer<B> logoutConfigurer = getBuilder().getConfigurer(LogoutConfigurer.class);
if (logoutConfigurer != null && !logoutConfigurer.isCustomLogoutSuccess()) {
logoutConfigurer.logoutSuccessUrl(loginPage + "?logout");
logoutConfigurer.logoutSuccessUrl(this.loginPage + "?logout");
}
}
@ -393,8 +393,8 @@ public abstract class AbstractAuthenticationFilterConfigurer<B extends HttpSecur
* Updates the default values for access.
*/
protected final void updateAccessDefaults(B http) {
if (permitAll) {
PermitAllSupport.permitAll(http, loginPage, loginProcessingUrl, failureUrl);
if (this.permitAll) {
PermitAllSupport.permitAll(http, this.loginPage, this.loginProcessingUrl, this.failureUrl);
}
}

10
config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractConfigAttributeRequestMatcherRegistry.java
View File

@ -48,7 +48,7 @@ public abstract class AbstractConfigAttributeRequestMatcherRegistry<C> extends A
* {@link #chainRequestMatchers(java.util.List)}
*/
final List<UrlMapping> getUrlMappings() {
return urlMappings;
return this.urlMappings;
}
/**
@ -100,8 +100,8 @@ public abstract class AbstractConfigAttributeRequestMatcherRegistry<C> extends A
* {@link ConfigAttribute} instances. Cannot be null.
*/
final LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> createRequestMap() {
if (unmappedMatchers != null) {
throw new IllegalStateException("An incomplete mapping was found for " + unmappedMatchers
if (this.unmappedMatchers != null) {
throw new IllegalStateException("An incomplete mapping was found for " + this.unmappedMatchers
+ ". Try completing it with something like requestUrls().<something>.hasRole('USER')");
}
@ -130,11 +130,11 @@ public abstract class AbstractConfigAttributeRequestMatcherRegistry<C> extends A
}
public RequestMatcher getRequestMatcher() {
return requestMatcher;
return this.requestMatcher;
}
public Collection<ConfigAttribute> getConfigAttrs() {
return configAttrs;
return this.configAttrs;
}
}

10
config/src/main/java/org/springframework/security/config/annotation/web/configurers/AbstractInterceptUrlConfigurer.java
View File

@ -75,8 +75,8 @@ abstract class AbstractInterceptUrlConfigurer<C extends AbstractInterceptUrlConf
}
FilterSecurityInterceptor securityInterceptor = createFilterSecurityInterceptor(http, metadataSource,
http.getSharedObject(AuthenticationManager.class));
if (filterSecurityInterceptorOncePerRequest != null) {
securityInterceptor.setObserveOncePerRequest(filterSecurityInterceptorOncePerRequest);
if (this.filterSecurityInterceptorOncePerRequest != null) {
securityInterceptor.setObserveOncePerRequest(this.filterSecurityInterceptorOncePerRequest);
}
securityInterceptor = postProcess(securityInterceptor);
http.addFilter(securityInterceptor);
@ -157,10 +157,10 @@ abstract class AbstractInterceptUrlConfigurer<C extends AbstractInterceptUrlConf
* @return the {@link AccessDecisionManager} to use
*/
private AccessDecisionManager getAccessDecisionManager(H http) {
if (accessDecisionManager == null) {
accessDecisionManager = createDefaultAccessDecisionManager(http);
if (this.accessDecisionManager == null) {
this.accessDecisionManager = createDefaultAccessDecisionManager(http);
}
return accessDecisionManager;
return this.accessDecisionManager;
}
/**

22
config/src/main/java/org/springframework/security/config/annotation/web/configurers/AnonymousConfigurer.java
View File

@ -140,27 +140,27 @@ public final class AnonymousConfigurer<H extends HttpSecurityBuilder<H>>
@Override
public void init(H http) {
if (authenticationProvider == null) {
authenticationProvider = new AnonymousAuthenticationProvider(getKey());
if (this.authenticationProvider == null) {
this.authenticationProvider = new AnonymousAuthenticationProvider(getKey());
}
if (authenticationFilter == null) {
authenticationFilter = new AnonymousAuthenticationFilter(getKey(), principal, authorities);
if (this.authenticationFilter == null) {
this.authenticationFilter = new AnonymousAuthenticationFilter(getKey(), this.principal, this.authorities);
}
authenticationProvider = postProcess(authenticationProvider);
http.authenticationProvider(authenticationProvider);
this.authenticationProvider = postProcess(this.authenticationProvider);
http.authenticationProvider(this.authenticationProvider);
}
@Override
public void configure(H http) {
authenticationFilter.afterPropertiesSet();
http.addFilter(authenticationFilter);
this.authenticationFilter.afterPropertiesSet();
http.addFilter(this.authenticationFilter);
}
private String getKey() {
if (key == null) {
key = UUID.randomUUID().toString();
if (this.key == null) {
this.key = UUID.randomUUID().toString();
}
return key;
return this.key;
}
}

22
config/src/main/java/org/springframework/security/config/annotation/web/configurers/ChannelSecurityConfigurer.java
View File

@ -96,7 +96,7 @@ public final class ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>>
}
public ChannelRequestMatcherRegistry getRegistry() {
return REGISTRY;
return this.REGISTRY;
}
@Override
@ -105,19 +105,19 @@ public final class ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>>
channelDecisionManager.setChannelProcessors(getChannelProcessors(http));
channelDecisionManager = postProcess(channelDecisionManager);
channelFilter.setChannelDecisionManager(channelDecisionManager);
this.channelFilter.setChannelDecisionManager(channelDecisionManager);
DefaultFilterInvocationSecurityMetadataSource filterInvocationSecurityMetadataSource = new DefaultFilterInvocationSecurityMetadataSource(
requestMap);
channelFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource);
this.requestMap);
this.channelFilter.setSecurityMetadataSource(filterInvocationSecurityMetadataSource);
channelFilter = postProcess(channelFilter);
http.addFilter(channelFilter);
this.channelFilter = postProcess(this.channelFilter);
http.addFilter(this.channelFilter);
}
private List<ChannelProcessor> getChannelProcessors(H http) {
if (channelProcessors != null) {
return channelProcessors;
if (this.channelProcessors != null) {
return this.channelProcessors;
}
InsecureChannelProcessor insecureChannelProcessor = new InsecureChannelProcessor();
@ -141,9 +141,9 @@ public final class ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>>
private ChannelRequestMatcherRegistry addAttribute(String attribute, List<? extends RequestMatcher> matchers) {
for (RequestMatcher matcher : matchers) {
Collection<ConfigAttribute> attrs = Arrays.<ConfigAttribute>asList(new SecurityConfig(attribute));
requestMap.put(matcher, attrs);
this.requestMap.put(matcher, attrs);
}
return REGISTRY;
return this.REGISTRY;
}
public final class ChannelRequestMatcherRegistry
@ -233,7 +233,7 @@ public final class ChannelSecurityConfigurer<H extends HttpSecurityBuilder<H>>
}
public ChannelRequestMatcherRegistry requires(String attribute) {
return addAttribute(attribute, requestMatchers);
return addAttribute(attribute, this.requestMatchers);
}
}

8
config/src/main/java/org/springframework/security/config/annotation/web/configurers/DefaultLoginPageConfigurer.java
View File

@ -84,7 +84,7 @@ public final class DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>>
};
this.loginPageGeneratingFilter.setResolveHiddenInputs(hiddenInputs);
this.logoutPageGeneratingFilter.setResolveHiddenInputs(hiddenInputs);
http.setSharedObject(DefaultLoginPageGeneratingFilter.class, loginPageGeneratingFilter);
http.setSharedObject(DefaultLoginPageGeneratingFilter.class, this.loginPageGeneratingFilter);
}
@Override
@ -96,9 +96,9 @@ public final class DefaultLoginPageConfigurer<H extends HttpSecurityBuilder<H>>
authenticationEntryPoint = exceptionConf.getAuthenticationEntryPoint();
}
if (loginPageGeneratingFilter.isEnabled() && authenticationEntryPoint == null) {
loginPageGeneratingFilter = postProcess(loginPageGeneratingFilter);
http.addFilter(loginPageGeneratingFilter);
if (this.loginPageGeneratingFilter.isEnabled() && authenticationEntryPoint == null) {
this.loginPageGeneratingFilter = postProcess(this.loginPageGeneratingFilter);
http.addFilter(this.loginPageGeneratingFilter);
http.addFilter(this.logoutPageGeneratingFilter);
}
}

16
config/src/main/java/org/springframework/security/config/annotation/web/configurers/ExpressionUrlAuthorizationConfigurer.java
View File

@ -106,7 +106,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
}
public ExpressionInterceptUrlRegistry getRegistry() {
return REGISTRY;
return this.REGISTRY;
}
public final class ExpressionInterceptUrlRegistry extends
@ -175,7 +175,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
private void interceptUrl(Iterable<? extends RequestMatcher> requestMatchers,
Collection<ConfigAttribute> configAttributes) {
for (RequestMatcher requestMatcher : requestMatchers) {
REGISTRY.addMapping(
this.REGISTRY.addMapping(
new AbstractConfigAttributeRequestMatcherRegistry.UrlMapping(requestMatcher, configAttributes));
}
}
@ -192,7 +192,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
@Override
ExpressionBasedFilterInvocationSecurityMetadataSource createMetadataSource(H http) {
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = REGISTRY.createRequestMap();
LinkedHashMap<RequestMatcher, Collection<ConfigAttribute>> requestMap = this.REGISTRY.createRequestMap();
if (requestMap.isEmpty()) {
throw new IllegalStateException(
"At least one mapping is required (i.e. authorizeRequests().anyRequest().authenticated())");
@ -201,7 +201,7 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
}
private SecurityExpressionHandler<FilterInvocation> getExpressionHandler(H http) {
if (expressionHandler == null) {
if (this.expressionHandler == null) {
DefaultWebSecurityExpressionHandler defaultHandler = new DefaultWebSecurityExpressionHandler();
AuthenticationTrustResolver trustResolver = http.getSharedObject(AuthenticationTrustResolver.class);
if (trustResolver != null) {
@ -228,10 +228,10 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
}
}
expressionHandler = postProcess(defaultHandler);
this.expressionHandler = postProcess(defaultHandler);
}
return expressionHandler;
return this.expressionHandler;
}
private static String hasAnyRole(String... authorities) {
@ -439,10 +439,10 @@ public final class ExpressionUrlAuthorizationConfigurer<H extends HttpSecurityBu
* customization
*/
public ExpressionInterceptUrlRegistry access(String attribute) {
if (not) {
if (this.not) {
attribute = "!" + attribute;
}
interceptUrl(requestMatchers, SecurityConfig.createList(attribute));
interceptUrl(this.requestMatchers, SecurityConfig.createList(attribute));
return ExpressionUrlAuthorizationConfigurer.this.REGISTRY;
}

124
config/src/main/java/org/springframework/security/config/annotation/web/configurers/HeadersConfigurer.java
View File

@ -125,7 +125,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link ContentTypeOptionsConfig} for additional customizations
*/
public ContentTypeOptionsConfig contentTypeOptions() {
return contentTypeOptions.enable();
return this.contentTypeOptions.enable();
}
/**
@ -141,7 +141,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customizations
*/
public HeadersConfigurer<H> contentTypeOptions(Customizer<ContentTypeOptionsConfig> contentTypeOptionsCustomizer) {
contentTypeOptionsCustomizer.customize(contentTypeOptions.enable());
contentTypeOptionsCustomizer.customize(this.contentTypeOptions.enable());
return HeadersConfigurer.this;
}
@ -158,7 +158,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return {@link HeadersConfigurer} for additional customization.
*/
public HeadersConfigurer<H> disable() {
writer = null;
this.writer = null;
return and();
}
@ -175,8 +175,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link ContentTypeOptionsConfig} for additional customization
*/
private ContentTypeOptionsConfig enable() {
if (writer == null) {
writer = new XContentTypeOptionsHeaderWriter();
if (this.writer == null) {
this.writer = new XContentTypeOptionsHeaderWriter();
}
return this;
}
@ -194,7 +194,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link XXssConfig} for additional customizations
*/
public XXssConfig xssProtection() {
return xssProtection.enable();
return this.xssProtection.enable();
}
/**
@ -210,7 +210,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customizations
*/
public HeadersConfigurer<H> xssProtection(Customizer<XXssConfig> xssCustomizer) {
xssCustomizer.customize(xssProtection.enable());
xssCustomizer.customize(this.xssProtection.enable());
return HeadersConfigurer.this;
}
@ -228,7 +228,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @param enabled the new value
*/
public XXssConfig block(boolean enabled) {
writer.setBlock(enabled);
this.writer.setBlock(enabled);
return this;
}
@ -256,7 +256,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @param enabled the new value
*/
public XXssConfig xssProtectionEnabled(boolean enabled) {
writer.setEnabled(enabled);
this.writer.setEnabled(enabled);
return this;
}
@ -265,7 +265,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional configuration
*/
public HeadersConfigurer<H> disable() {
writer = null;
this.writer = null;
return and();
}
@ -283,8 +283,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link XXssConfig} for additional customization
*/
private XXssConfig enable() {
if (writer == null) {
writer = new XXssProtectionHeaderWriter();
if (this.writer == null) {
this.writer = new XXssProtectionHeaderWriter();
}
return this;
}
@ -302,7 +302,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link CacheControlConfig} for additional customizations
*/
public CacheControlConfig cacheControl() {
return cacheControl.enable();
return this.cacheControl.enable();
}
/**
@ -318,7 +318,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customizations
*/
public HeadersConfigurer<H> cacheControl(Customizer<CacheControlConfig> cacheControlCustomizer) {
cacheControlCustomizer.customize(cacheControl.enable());
cacheControlCustomizer.customize(this.cacheControl.enable());
return HeadersConfigurer.this;
}
@ -335,7 +335,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional configuration
*/
public HeadersConfigurer<H> disable() {
writer = null;
this.writer = null;
return HeadersConfigurer.this;
}
@ -353,8 +353,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link CacheControlConfig} for additional customization
*/
private CacheControlConfig enable() {
if (writer == null) {
writer = new CacheControlHeadersWriter();
if (this.writer == null) {
this.writer = new CacheControlHeadersWriter();
}
return this;
}
@ -368,7 +368,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HstsConfig} for additional customizations
*/
public HstsConfig httpStrictTransportSecurity() {
return hsts.enable();
return this.hsts.enable();
}
/**
@ -380,7 +380,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customizations
*/
public HeadersConfigurer<H> httpStrictTransportSecurity(Customizer<HstsConfig> hstsCustomizer) {
hstsCustomizer.customize(hsts.enable());
hstsCustomizer.customize(this.hsts.enable());
return HeadersConfigurer.this;
}
@ -409,7 +409,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @throws IllegalArgumentException if maxAgeInSeconds is negative
*/
public HstsConfig maxAgeInSeconds(long maxAgeInSeconds) {
writer.setMaxAgeInSeconds(maxAgeInSeconds);
this.writer.setMaxAgeInSeconds(maxAgeInSeconds);
return this;
}
@ -422,7 +422,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @throws IllegalArgumentException if {@link RequestMatcher} is null
*/
public HstsConfig requestMatcher(RequestMatcher requestMatcher) {
writer.setRequestMatcher(requestMatcher);
this.writer.setRequestMatcher(requestMatcher);
return this;
}
@ -438,7 +438,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @param includeSubDomains true to include subdomains, else false
*/
public HstsConfig includeSubDomains(boolean includeSubDomains) {
writer.setIncludeSubDomains(includeSubDomains);
this.writer.setIncludeSubDomains(includeSubDomains);
return this;
}
@ -456,7 +456,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @author Ankur Pathak
*/
public HstsConfig preload(boolean preload) {
writer.setPreload(preload);
this.writer.setPreload(preload);
return this;
}
@ -465,7 +465,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional configuration
*/
public HeadersConfigurer<H> disable() {
writer = null;
this.writer = null;
return HeadersConfigurer.this;
}
@ -483,8 +483,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HstsConfig} for additional customization
*/
private HstsConfig enable() {
if (writer == null) {
writer = new HstsHeaderWriter();
if (this.writer == null) {
this.writer = new HstsHeaderWriter();
}
return this;
}
@ -496,7 +496,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link FrameOptionsConfig} for additional customizations
*/
public FrameOptionsConfig frameOptions() {
return frameOptions.enable();
return this.frameOptions.enable();
}
/**
@ -506,7 +506,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customizations
*/
public HeadersConfigurer<H> frameOptions(Customizer<FrameOptionsConfig> frameOptionsCustomizer) {
frameOptionsCustomizer.customize(frameOptions.enable());
frameOptionsCustomizer.customize(this.frameOptions.enable());
return HeadersConfigurer.this;
}
@ -523,7 +523,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customization.
*/
public HeadersConfigurer<H> deny() {
writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
this.writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
return and();
}
@ -537,7 +537,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customization.
*/
public HeadersConfigurer<H> sameOrigin() {
writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN);
this.writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.SAMEORIGIN);
return and();
}
@ -546,7 +546,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional configuration.
*/
public HeadersConfigurer<H> disable() {
writer = null;
this.writer = null;
return and();
}
@ -563,8 +563,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the FrameOptionsConfig for additional customization.
*/
private FrameOptionsConfig enable() {
if (writer == null) {
writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
if (this.writer == null) {
this.writer = new XFrameOptionsHeaderWriter(XFrameOptionsMode.DENY);
}
return this;
}
@ -579,7 +579,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @since 4.1
*/
public HpkpConfig httpPublicKeyPinning() {
return hpkp.enable();
return this.hpkp.enable();
}
/**
@ -590,7 +590,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customizations
*/
public HeadersConfigurer<H> httpPublicKeyPinning(Customizer<HpkpConfig> hpkpCustomizer) {
hpkpCustomizer.customize(hpkp.enable());
hpkpCustomizer.customize(this.hpkp.enable());
return HeadersConfigurer.this;
}
@ -617,7 +617,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @throws IllegalArgumentException if pins is null
*/
public HpkpConfig withPins(Map<String, String> pins) {
writer.setPins(pins);
this.writer.setPins(pins);
return this;
}
@ -637,7 +637,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @throws IllegalArgumentException if a pin is null
*/
public HpkpConfig addSha256Pins(String... pins) {
writer.addSha256Pins(pins);
this.writer.addSha256Pins(pins);
return this;
}
@ -658,7 +658,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @throws IllegalArgumentException if maxAgeInSeconds is negative
*/
public HpkpConfig maxAgeInSeconds(long maxAgeInSeconds) {
writer.setMaxAgeInSeconds(maxAgeInSeconds);
this.writer.setMaxAgeInSeconds(maxAgeInSeconds);
return this;
}
@ -675,7 +675,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @param includeSubDomains true to include subdomains, else false
*/
public HpkpConfig includeSubDomains(boolean includeSubDomains) {
writer.setIncludeSubDomains(includeSubDomains);
this.writer.setIncludeSubDomains(includeSubDomains);
return this;
}
@ -692,7 +692,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @param reportOnly true to report only, else false
*/
public HpkpConfig reportOnly(boolean reportOnly) {
writer.setReportOnly(reportOnly);
this.writer.setReportOnly(reportOnly);
return this;
}
@ -708,7 +708,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @param reportUri the URI where the browser should send the report to.
*/
public HpkpConfig reportUri(URI reportUri) {
writer.setReportUri(reportUri);
this.writer.setReportUri(reportUri);
return this;
}
@ -725,7 +725,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @throws IllegalArgumentException if the reportUri is not a valid URI
*/
public HpkpConfig reportUri(String reportUri) {
writer.setReportUri(reportUri);
this.writer.setReportUri(reportUri);
return this;
}
@ -734,7 +734,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional configuration.
*/
public HeadersConfigurer<H> disable() {
writer = null;
this.writer = null;
return and();
}
@ -753,8 +753,8 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HstsConfig} for additional customization
*/
private HpkpConfig enable() {
if (writer == null) {
writer = new HpkpHeaderWriter();
if (this.writer == null) {
this.writer = new HpkpHeaderWriter();
}
return this;
}
@ -788,7 +788,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
*/
public ContentSecurityPolicyConfig contentSecurityPolicy(String policyDirectives) {
this.contentSecurityPolicy.writer = new ContentSecurityPolicyHeaderWriter(policyDirectives);
return contentSecurityPolicy;
return this.contentSecurityPolicy;
}
/**
@ -874,11 +874,11 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link HeadersConfigurer} for additional customization
*/
public HeadersConfigurer<H> defaultsDisabled() {
contentTypeOptions.disable();
xssProtection.disable();
cacheControl.disable();
hsts.disable();
frameOptions.disable();
this.contentTypeOptions.disable();
this.xssProtection.disable();
this.cacheControl.disable();
this.hsts.disable();
this.frameOptions.disable();
return this;
}
@ -909,16 +909,16 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
*/
private List<HeaderWriter> getHeaderWriters() {
List<HeaderWriter> writers = new ArrayList<>();
addIfNotNull(writers, contentTypeOptions.writer);
addIfNotNull(writers, xssProtection.writer);
addIfNotNull(writers, cacheControl.writer);
addIfNotNull(writers, hsts.writer);
addIfNotNull(writers, frameOptions.writer);
addIfNotNull(writers, hpkp.writer);
addIfNotNull(writers, contentSecurityPolicy.writer);
addIfNotNull(writers, referrerPolicy.writer);
addIfNotNull(writers, featurePolicy.writer);
writers.addAll(headerWriters);
addIfNotNull(writers, this.contentTypeOptions.writer);
addIfNotNull(writers, this.xssProtection.writer);
addIfNotNull(writers, this.cacheControl.writer);
addIfNotNull(writers, this.hsts.writer);
addIfNotNull(writers, this.frameOptions.writer);
addIfNotNull(writers, this.hpkp.writer);
addIfNotNull(writers, this.contentSecurityPolicy.writer);
addIfNotNull(writers, this.referrerPolicy.writer);
addIfNotNull(writers, this.featurePolicy.writer);
writers.addAll(this.headerWriters);
return writers;
}
@ -1045,7 +1045,7 @@ public class HeadersConfigurer<H extends HttpSecurityBuilder<H>>
*/
public FeaturePolicyConfig featurePolicy(String policyDirectives) {
this.featurePolicy.writer = new FeaturePolicyHeaderWriter(policyDirectives);
return featurePolicy;
return this.featurePolicy;
}
public final class FeaturePolicyConfig {

19
config/src/main/java/org/springframework/security/config/annotation/web/configurers/JeeConfigurer.java
View File

@ -212,14 +212,15 @@ public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends Abstr
* @return the {@link J2eePreAuthenticatedProcessingFilter} to use.
*/
private J2eePreAuthenticatedProcessingFilter getFilter(AuthenticationManager authenticationManager) {
if (j2eePreAuthenticatedProcessingFilter == null) {
j2eePreAuthenticatedProcessingFilter = new J2eePreAuthenticatedProcessingFilter();
j2eePreAuthenticatedProcessingFilter.setAuthenticationManager(authenticationManager);
j2eePreAuthenticatedProcessingFilter.setAuthenticationDetailsSource(createWebAuthenticationDetailsSource());
j2eePreAuthenticatedProcessingFilter = postProcess(j2eePreAuthenticatedProcessingFilter);
if (this.j2eePreAuthenticatedProcessingFilter == null) {
this.j2eePreAuthenticatedProcessingFilter = new J2eePreAuthenticatedProcessingFilter();
this.j2eePreAuthenticatedProcessingFilter.setAuthenticationManager(authenticationManager);
this.j2eePreAuthenticatedProcessingFilter
.setAuthenticationDetailsSource(createWebAuthenticationDetailsSource());
this.j2eePreAuthenticatedProcessingFilter = postProcess(this.j2eePreAuthenticatedProcessingFilter);
}
return j2eePreAuthenticatedProcessingFilter;
return this.j2eePreAuthenticatedProcessingFilter;
}
/**
@ -228,8 +229,8 @@ public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends Abstr
* @return the {@link AuthenticationUserDetailsService} to use
*/
private AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> getUserDetailsService() {
return authenticationUserDetailsService == null ? new PreAuthenticatedGrantedAuthoritiesUserDetailsService()
: authenticationUserDetailsService;
return this.authenticationUserDetailsService == null
? new PreAuthenticatedGrantedAuthoritiesUserDetailsService() : this.authenticationUserDetailsService;
}
/**
@ -241,7 +242,7 @@ public final class JeeConfigurer<H extends HttpSecurityBuilder<H>> extends Abstr
private J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource createWebAuthenticationDetailsSource() {
J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource detailsSource = new J2eeBasedPreAuthenticatedWebAuthenticationDetailsSource();
SimpleMappableAttributesRetriever rolesRetriever = new SimpleMappableAttributesRetriever();
rolesRetriever.setMappableAttributes(mappableRoles);
rolesRetriever.setMappableAttributes(this.mappableRoles);
detailsSource.setMappableRolesRetriever(rolesRetriever);
detailsSource = postProcess(detailsSource);

28
config/src/main/java/org/springframework/security/config/annotation/web/configurers/LogoutConfigurer.java
View File

@ -114,7 +114,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link LogoutConfigurer} for further customization
*/
public LogoutConfigurer<H> clearAuthentication(boolean clearAuthentication) {
contextLogoutHandler.setClearAuthentication(clearAuthentication);
this.contextLogoutHandler.setClearAuthentication(clearAuthentication);
return this;
}
@ -126,7 +126,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link LogoutConfigurer} for further customization
*/
public LogoutConfigurer<H> invalidateHttpSession(boolean invalidateHttpSession) {
contextLogoutHandler.setInvalidateHttpSession(invalidateHttpSession);
this.contextLogoutHandler.setInvalidateHttpSession(invalidateHttpSession);
return this;
}
@ -259,19 +259,19 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
private LogoutSuccessHandler createDefaultSuccessHandler() {
SimpleUrlLogoutSuccessHandler urlLogoutHandler = new SimpleUrlLogoutSuccessHandler();
urlLogoutHandler.setDefaultTargetUrl(logoutSuccessUrl);
if (defaultLogoutSuccessHandlerMappings.isEmpty()) {
urlLogoutHandler.setDefaultTargetUrl(this.logoutSuccessUrl);
if (this.defaultLogoutSuccessHandlerMappings.isEmpty()) {
return urlLogoutHandler;
}
DelegatingLogoutSuccessHandler successHandler = new DelegatingLogoutSuccessHandler(
defaultLogoutSuccessHandlerMappings);
this.defaultLogoutSuccessHandlerMappings);
successHandler.setDefaultLogoutSuccessHandler(urlLogoutHandler);
return successHandler;
}
@Override
public void init(H http) {
if (permitAll) {
if (this.permitAll) {
PermitAllSupport.permitAll(http, this.logoutSuccessUrl);
PermitAllSupport.permitAll(http, this.getLogoutRequestMatcher(http));
}
@ -296,7 +296,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
* @return true if logout success handling has been customized, else false
*/
boolean isCustomLogoutSuccess() {
return customLogoutSuccess;
return this.customLogoutSuccess;
}
/**
@ -305,7 +305,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
* @return the logoutSuccessUrl
*/
private String getLogoutSuccessUrl() {
return logoutSuccessUrl;
return this.logoutSuccessUrl;
}
/**
@ -313,7 +313,7 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link LogoutHandler} instances. Cannot be null.
*/
List<LogoutHandler> getLogoutHandlers() {
return logoutHandlers;
return this.logoutHandlers;
}
/**
@ -324,9 +324,9 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link LogoutFilter} to use.
*/
private LogoutFilter createLogoutFilter(H http) {
logoutHandlers.add(contextLogoutHandler);
logoutHandlers.add(postProcess(new LogoutSuccessEventPublishingLogoutHandler()));
LogoutHandler[] handlers = logoutHandlers.toArray(new LogoutHandler[0]);
this.logoutHandlers.add(this.contextLogoutHandler);
this.logoutHandlers.add(postProcess(new LogoutSuccessEventPublishingLogoutHandler()));
LogoutHandler[] handlers = this.logoutHandlers.toArray(new LogoutHandler[0]);
LogoutFilter result = new LogoutFilter(getLogoutSuccessHandler(), handlers);
result.setLogoutRequestMatcher(getLogoutRequestMatcher(http));
result = postProcess(result);
@ -335,8 +335,8 @@ public final class LogoutConfigurer<H extends HttpSecurityBuilder<H>>
@SuppressWarnings("unchecked")
private RequestMatcher getLogoutRequestMatcher(H http) {
if (logoutRequestMatcher != null) {
return logoutRequestMatcher;
if (this.logoutRequestMatcher != null) {
return this.logoutRequestMatcher;
}
if (http.getConfigurer(CsrfConfigurer.class) != null) {
this.logoutRequestMatcher = new AntPathRequestMatcher(this.logoutUrl, "POST");

6
config/src/main/java/org/springframework/security/config/annotation/web/configurers/PermitAllSupport.java
View File

@ -73,16 +73,16 @@ final class PermitAllSupport {
}
if ("".equals(request.getContextPath())) {
return uri.equals(processUrl);
return uri.equals(this.processUrl);
}
return uri.equals(request.getContextPath() + processUrl);
return uri.equals(request.getContextPath() + this.processUrl);
}
@Override
public String toString() {
StringBuilder sb = new StringBuilder();
sb.append("ExactUrl [processUrl='").append(processUrl).append("']");
sb.append("ExactUrl [processUrl='").append(this.processUrl).append("']");
return sb.toString();
}

8
config/src/main/java/org/springframework/security/config/annotation/web/configurers/PortMapperConfigurer.java
View File

@ -75,12 +75,12 @@ public final class PortMapperConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link PortMapper} to use
*/
private PortMapper getPortMapper() {
if (portMapper == null) {
if (this.portMapper == null) {
PortMapperImpl portMapper = new PortMapperImpl();
portMapper.setPortMappings(httpsPortMappings);
portMapper.setPortMappings(this.httpsPortMappings);
this.portMapper = portMapper;
}
return portMapper;
return this.portMapper;
}
/**
@ -109,7 +109,7 @@ public final class PortMapperConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link PortMapperConfigurer} for further customization
*/
public PortMapperConfigurer<H> mapsTo(int httpsPort) {
httpsPortMappings.put(String.valueOf(httpPort), String.valueOf(httpsPort));
PortMapperConfigurer.this.httpsPortMappings.put(String.valueOf(this.httpPort), String.valueOf(httpsPort));
return PortMapperConfigurer.this;
}

2
config/src/main/java/org/springframework/security/config/annotation/web/configurers/RememberMeConfigurer.java
View File

@ -424,7 +424,7 @@ public final class RememberMeConfigurer<H extends HttpSecurityBuilder<H>>
private String getKey() {
if (this.key == null) {
if (this.rememberMeServices instanceof AbstractRememberMeServices) {
this.key = ((AbstractRememberMeServices) rememberMeServices).getKey();
this.key = ((AbstractRememberMeServices) this.rememberMeServices).getKey();
}
else {
this.key = UUID.randomUUID().toString();

16
config/src/main/java/org/springframework/security/config/annotation/web/configurers/ServletApiConfigurer.java
View File

@ -70,24 +70,24 @@ public final class ServletApiConfigurer<H extends HttpSecurityBuilder<H>>
}
public ServletApiConfigurer<H> rolePrefix(String rolePrefix) {
securityContextRequestFilter.setRolePrefix(rolePrefix);
this.securityContextRequestFilter.setRolePrefix(rolePrefix);
return this;
}
@Override
@SuppressWarnings("unchecked")
public void configure(H http) {
securityContextRequestFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
this.securityContextRequestFilter.setAuthenticationManager(http.getSharedObject(AuthenticationManager.class));
ExceptionHandlingConfigurer<H> exceptionConf = http.getConfigurer(ExceptionHandlingConfigurer.class);
AuthenticationEntryPoint authenticationEntryPoint = exceptionConf == null ? null
: exceptionConf.getAuthenticationEntryPoint(http);
securityContextRequestFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
this.securityContextRequestFilter.setAuthenticationEntryPoint(authenticationEntryPoint);
LogoutConfigurer<H> logoutConf = http.getConfigurer(LogoutConfigurer.class);
List<LogoutHandler> logoutHandlers = logoutConf == null ? null : logoutConf.getLogoutHandlers();
securityContextRequestFilter.setLogoutHandlers(logoutHandlers);
this.securityContextRequestFilter.setLogoutHandlers(logoutHandlers);
AuthenticationTrustResolver trustResolver = http.getSharedObject(AuthenticationTrustResolver.class);
if (trustResolver != null) {
securityContextRequestFilter.setTrustResolver(trustResolver);
this.securityContextRequestFilter.setTrustResolver(trustResolver);
}
ApplicationContext context = http.getSharedObject(ApplicationContext.class);
if (context != null) {
@ -95,11 +95,11 @@ public final class ServletApiConfigurer<H extends HttpSecurityBuilder<H>>
if (grantedAuthorityDefaultsBeanNames.length == 1) {
GrantedAuthorityDefaults grantedAuthorityDefaults = context
.getBean(grantedAuthorityDefaultsBeanNames[0], GrantedAuthorityDefaults.class);
securityContextRequestFilter.setRolePrefix(grantedAuthorityDefaults.getRolePrefix());
this.securityContextRequestFilter.setRolePrefix(grantedAuthorityDefaults.getRolePrefix());
}
}
securityContextRequestFilter = postProcess(securityContextRequestFilter);
http.addFilter(securityContextRequestFilter);
this.securityContextRequestFilter = postProcess(this.securityContextRequestFilter);
http.addFilter(this.securityContextRequestFilter);
}
}

10
config/src/main/java/org/springframework/security/config/annotation/web/configurers/UrlAuthorizationConfigurer.java
View File

@ -100,7 +100,7 @@ public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link ExpressionUrlAuthorizationConfigurer} for further customizations
*/
public StandardInterceptUrlRegistry getRegistry() {
return REGISTRY;
return this.REGISTRY;
}
/**
@ -176,7 +176,7 @@ public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
*/
@Override
FilterInvocationSecurityMetadataSource createMetadataSource(H http) {
return new DefaultFilterInvocationSecurityMetadataSource(REGISTRY.createRequestMap());
return new DefaultFilterInvocationSecurityMetadataSource(this.REGISTRY.createRequestMap());
}
/**
@ -191,10 +191,10 @@ public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
private StandardInterceptUrlRegistry addMapping(Iterable<? extends RequestMatcher> requestMatchers,
Collection<ConfigAttribute> configAttributes) {
for (RequestMatcher requestMatcher : requestMatchers) {
REGISTRY.addMapping(
this.REGISTRY.addMapping(
new AbstractConfigAttributeRequestMatcherRegistry.UrlMapping(requestMatcher, configAttributes));
}
return REGISTRY;
return this.REGISTRY;
}
/**
@ -334,7 +334,7 @@ public final class UrlAuthorizationConfigurer<H extends HttpSecurityBuilder<H>>
* @return the {@link UrlAuthorizationConfigurer} for further customization
*/
public StandardInterceptUrlRegistry access(String... attributes) {
addMapping(requestMatchers, SecurityConfig.createList(attributes));
addMapping(this.requestMatchers, SecurityConfig.createList(attributes));
return UrlAuthorizationConfigurer.this.REGISTRY;
}

22
config/src/main/java/org/springframework/security/config/annotation/web/configurers/X509Configurer.java
View File

@ -185,27 +185,27 @@ public final class X509Configurer<H extends HttpSecurityBuilder<H>>
}
private X509AuthenticationFilter getFilter(AuthenticationManager authenticationManager) {
if (x509AuthenticationFilter == null) {
x509AuthenticationFilter = new X509AuthenticationFilter();
x509AuthenticationFilter.setAuthenticationManager(authenticationManager);
if (x509PrincipalExtractor != null) {
x509AuthenticationFilter.setPrincipalExtractor(x509PrincipalExtractor);
if (this.x509AuthenticationFilter == null) {
this.x509AuthenticationFilter = new X509AuthenticationFilter();
this.x509AuthenticationFilter.setAuthenticationManager(authenticationManager);
if (this.x509PrincipalExtractor != null) {
this.x509AuthenticationFilter.setPrincipalExtractor(this.x509PrincipalExtractor);
}
if (authenticationDetailsSource != null) {
x509AuthenticationFilter.setAuthenticationDetailsSource(authenticationDetailsSource);
if (this.authenticationDetailsSource != null) {
this.x509AuthenticationFilter.setAuthenticationDetailsSource(this.authenticationDetailsSource);
}
x509AuthenticationFilter = postProcess(x509AuthenticationFilter);
this.x509AuthenticationFilter = postProcess(this.x509AuthenticationFilter);
}
return x509AuthenticationFilter;
return this.x509AuthenticationFilter;
}
private AuthenticationUserDetailsService<PreAuthenticatedAuthenticationToken> getAuthenticationUserDetailsService(
H http) {
if (authenticationUserDetailsService == null) {
if (this.authenticationUserDetailsService == null) {
userDetailsService(http.getSharedObject(UserDetailsService.class));
}
return authenticationUserDetailsService;
return this.authenticationUserDetailsService;
}
}

8
config/src/main/java/org/springframework/security/config/annotation/web/configurers/saml2/Saml2LoginConfigurer.java
View File

@ -210,9 +210,9 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
this.relyingPartyRegistrationRepository = getSharedOrBean(http, RelyingPartyRegistrationRepository.class);
}
saml2WebSsoAuthenticationFilter = new Saml2WebSsoAuthenticationFilter(getAuthenticationConverter(http),
this.saml2WebSsoAuthenticationFilter = new Saml2WebSsoAuthenticationFilter(getAuthenticationConverter(http),
this.loginProcessingUrl);
setAuthenticationFilter(saml2WebSsoAuthenticationFilter);
setAuthenticationFilter(this.saml2WebSsoAuthenticationFilter);
super.loginProcessingUrl(this.loginProcessingUrl);
if (hasText(this.loginPage)) {
@ -258,7 +258,7 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
registerDefaultAuthenticationProvider(http);
}
else {
saml2WebSsoAuthenticationFilter.setAuthenticationManager(this.authenticationManager);
this.saml2WebSsoAuthenticationFilter.setAuthenticationManager(this.authenticationManager);
}
}
@ -281,7 +281,7 @@ public final class Saml2LoginConfigurer<B extends HttpSecurityBuilder<B>>
return;
}
csrf.ignoringRequestMatchers(new AntPathRequestMatcher(loginProcessingUrl));
csrf.ignoringRequestMatchers(new AntPathRequestMatcher(this.loginProcessingUrl));
}
private void initDefaultLoginFilter(B http) {

39
config/src/main/java/org/springframework/security/config/annotation/web/messaging/MessageSecurityMetadataSourceRegistry.java
View File

@ -231,7 +231,7 @@ public class MessageSecurityMetadataSourceRegistry {
matcherToExpression.put(entry.getKey().build(), entry.getValue());
}
return ExpressionBasedMessageSecurityMetadataSourceFactory
.createExpressionMessageMetadataSource(matcherToExpression, expressionHandler);
.createExpressionMessageMetadataSource(matcherToExpression, this.expressionHandler);
}
/**
@ -378,8 +378,8 @@ public class MessageSecurityMetadataSourceRegistry {
* customization
*/
public MessageSecurityMetadataSourceRegistry access(String attribute) {
for (MatcherBuilder messageMatcher : messageMatchers) {
matcherToExpression.put(messageMatcher, attribute);
for (MatcherBuilder messageMatcher : this.messageMatchers) {
MessageSecurityMetadataSourceRegistry.this.matcherToExpression.put(messageMatcher, attribute);
}
return MessageSecurityMetadataSourceRegistry.this;
}
@ -418,7 +418,7 @@ public class MessageSecurityMetadataSourceRegistry {
}
public MessageMatcher<?> build() {
return matcher;
return this.matcher;
}
}
@ -435,16 +435,19 @@ public class MessageSecurityMetadataSourceRegistry {
}
public MessageMatcher<?> build() {
if (type == null) {
return new SimpDestinationMessageMatcher(pattern, pathMatcher);
if (this.type == null) {
return new SimpDestinationMessageMatcher(this.pattern,
MessageSecurityMetadataSourceRegistry.this.pathMatcher);
}
else if (SimpMessageType.MESSAGE == type) {
return SimpDestinationMessageMatcher.createMessageMatcher(pattern, pathMatcher);
else if (SimpMessageType.MESSAGE == this.type) {
return SimpDestinationMessageMatcher.createMessageMatcher(this.pattern,
MessageSecurityMetadataSourceRegistry.this.pathMatcher);
}
else if (SimpMessageType.SUBSCRIBE == type) {
return SimpDestinationMessageMatcher.createSubscribeMatcher(pattern, pathMatcher);
else if (SimpMessageType.SUBSCRIBE == this.type) {
return SimpDestinationMessageMatcher.createSubscribeMatcher(this.pattern,
MessageSecurityMetadataSourceRegistry.this.pathMatcher);
}
throw new IllegalStateException(type + " is not supported since it does not have a destination");
throw new IllegalStateException(this.type + " is not supported since it does not have a destination");
}
}
@ -460,31 +463,31 @@ public class MessageSecurityMetadataSourceRegistry {
private PathMatcher delegate = new AntPathMatcher();
public boolean isPattern(String path) {
return delegate.isPattern(path);
return this.delegate.isPattern(path);
}
public boolean match(String pattern, String path) {
return delegate.match(pattern, path);
return this.delegate.match(pattern, path);
}
public boolean matchStart(String pattern, String path) {
return delegate.matchStart(pattern, path);
return this.delegate.matchStart(pattern, path);
}
public String extractPathWithinPattern(String pattern, String path) {
return delegate.extractPathWithinPattern(pattern, path);
return this.delegate.extractPathWithinPattern(pattern, path);
}
public Map<String, String> extractUriTemplateVariables(String pattern, String path) {
return delegate.extractUriTemplateVariables(pattern, path);
return this.delegate.extractUriTemplateVariables(pattern, path);
}
public Comparator<String> getPatternComparator(String path) {
return delegate.getPatternComparator(path);
return this.delegate.getPatternComparator(path);
}
public String combine(String pattern1, String pattern2) {
return delegate.combine(pattern1, pattern2);
return this.delegate.combine(pattern1, pattern2);
}
void setPathMatcher(PathMatcher pathMatcher) {

30
config/src/main/java/org/springframework/security/config/annotation/web/socket/AbstractSecurityWebSocketMessageBrokerConfigurer.java
View File

@ -103,12 +103,12 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
@Override
public final void configureClientInboundChannel(ChannelRegistration registration) {
ChannelSecurityInterceptor inboundChannelSecurity = context.getBean(ChannelSecurityInterceptor.class);
registration.setInterceptors(context.getBean(SecurityContextChannelInterceptor.class));
ChannelSecurityInterceptor inboundChannelSecurity = this.context.getBean(ChannelSecurityInterceptor.class);
registration.setInterceptors(this.context.getBean(SecurityContextChannelInterceptor.class));
if (!sameOriginDisabled()) {
registration.setInterceptors(context.getBean(CsrfChannelInterceptor.class));
registration.setInterceptors(this.context.getBean(CsrfChannelInterceptor.class));
}
if (inboundRegistry.containsMapping()) {
if (this.inboundRegistry.containsMapping()) {
registration.setInterceptors(inboundChannelSecurity);
}
customizeClientInboundChannel(registration);
@ -116,7 +116,7 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
private PathMatcher getDefaultPathMatcher() {
try {
return context.getBean(SimpAnnotationMethodMessageHandler.class).getPathMatcher();
return this.context.getBean(SimpAnnotationMethodMessageHandler.class).getPathMatcher();
}
catch (NoSuchBeanDefinitionException e) {
return new AntPathMatcher();
@ -174,9 +174,9 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
@Bean
public MessageSecurityMetadataSource inboundMessageSecurityMetadataSource() {
inboundRegistry.expressionHandler(getMessageExpressionHandler());
configureInbound(inboundRegistry);
return inboundRegistry.createMetadataSource();
this.inboundRegistry.expressionHandler(getMessageExpressionHandler());
configureInbound(this.inboundRegistry);
return this.inboundRegistry.createMetadataSource();
}
/**
@ -223,14 +223,14 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
@Autowired(required = false)
public void setObjectPostProcessor(ObjectPostProcessor<Object> objectPostProcessor) {
defaultExpressionHandler = objectPostProcessor.postProcess(defaultExpressionHandler);
this.defaultExpressionHandler = objectPostProcessor.postProcess(this.defaultExpressionHandler);
}
private SecurityExpressionHandler<Message<Object>> getMessageExpressionHandler() {
if (expressionHandler == null) {
return defaultExpressionHandler;
if (this.expressionHandler == null) {
return this.defaultExpressionHandler;
}
return expressionHandler;
return this.expressionHandler;
}
public void afterSingletonsInstantiated() {
@ -239,7 +239,7 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
}
String beanName = "stompWebSocketHandlerMapping";
SimpleUrlHandlerMapping mapping = context.getBean(beanName, SimpleUrlHandlerMapping.class);
SimpleUrlHandlerMapping mapping = this.context.getBean(beanName, SimpleUrlHandlerMapping.class);
Map<String, Object> mappings = mapping.getHandlerMap();
for (Object object : mappings.values()) {
if (object instanceof SockJsHttpRequestHandler) {
@ -275,9 +275,9 @@ public abstract class AbstractSecurityWebSocketMessageBrokerConfigurer extends A
}
}
if (inboundRegistry.containsMapping() && !inboundRegistry.isSimpDestPathMatcherConfigured()) {
if (this.inboundRegistry.containsMapping() && !this.inboundRegistry.isSimpDestPathMatcherConfigured()) {
PathMatcher pathMatcher = getDefaultPathMatcher();
inboundRegistry.simpDestPathMatcher(pathMatcher);
this.inboundRegistry.simpDestPathMatcher(pathMatcher);
}
}

4
config/src/main/java/org/springframework/security/config/authentication/AuthenticationManagerFactoryBean.java
View File

@ -48,7 +48,7 @@ public class AuthenticationManagerFactoryBean implements FactoryBean<Authenticat
public AuthenticationManager getObject() throws Exception {
try {
return (AuthenticationManager) bf.getBean(BeanIds.AUTHENTICATION_MANAGER);
return (AuthenticationManager) this.bf.getBean(BeanIds.AUTHENTICATION_MANAGER);
}
catch (NoSuchBeanDefinitionException e) {
if (!BeanIds.AUTHENTICATION_MANAGER.equals(e.getBeanName())) {
@ -80,7 +80,7 @@ public class AuthenticationManagerFactoryBean implements FactoryBean<Authenticat
}
public void setBeanFactory(BeanFactory beanFactory) throws BeansException {
bf = beanFactory;
this.bf = beanFactory;
}
private <T> T getBeanOrNull(Class<T> type) {

8
config/src/main/java/org/springframework/security/config/authentication/PasswordEncoderParser.java
View File

@ -76,11 +76,11 @@ public class PasswordEncoderParser {
String ref = element.getAttribute(ATT_REF);
if (StringUtils.hasText(ref)) {
passwordEncoder = new RuntimeBeanReference(ref);
this.passwordEncoder = new RuntimeBeanReference(ref);
}
else {
passwordEncoder = createPasswordEncoderBeanDefinition(hash, useBase64);
((RootBeanDefinition) passwordEncoder).setSource(parserContext.extractSource(element));
this.passwordEncoder = createPasswordEncoderBeanDefinition(hash, useBase64);
((RootBeanDefinition) this.passwordEncoder).setSource(parserContext.extractSource(element));
}
}
@ -91,7 +91,7 @@ public class PasswordEncoderParser {
}
public BeanMetadataElement getPasswordEncoder() {
return passwordEncoder;
return this.passwordEncoder;
}
}

6
config/src/main/java/org/springframework/security/config/authentication/UserServiceBeanDefinitionParser.java
View File

@ -112,16 +112,16 @@ public class UserServiceBeanDefinitionParser extends AbstractUserDetailsServiceB
}
private String generateRandomPassword() {
if (random == null) {
if (this.random == null) {
try {
random = SecureRandom.getInstance("SHA1PRNG");
this.random = SecureRandom.getInstance("SHA1PRNG");
}
catch (NoSuchAlgorithmException e) {
// Shouldn't happen...
throw new RuntimeException("Failed find SHA1PRNG algorithm!");
}
}
return Long.toString(random.nextLong());
return Long.toString(this.random.nextLong());
}
}

4
config/src/main/java/org/springframework/security/config/core/userdetails/ReactiveUserDetailsServiceResourceFactoryBean.java
View File

@ -41,7 +41,7 @@ public class ReactiveUserDetailsServiceResourceFactoryBean
@Override
public MapReactiveUserDetailsService getObject() throws Exception {
Collection<UserDetails> users = userDetails.getObject();
Collection<UserDetails> users = this.userDetails.getObject();
return new MapReactiveUserDetailsService(users);
}
@ -52,7 +52,7 @@ public class ReactiveUserDetailsServiceResourceFactoryBean
@Override
public void setResourceLoader(ResourceLoader resourceLoader) {
userDetails.setResourceLoader(resourceLoader);
this.userDetails.setResourceLoader(resourceLoader);
}
/**

6
config/src/main/java/org/springframework/security/config/core/userdetails/UserDetailsResourceFactoryBean.java
View File

@ -98,9 +98,9 @@ public class UserDetailsResourceFactoryBean implements ResourceLoaderAware, Fact
}
private Resource getPropertiesResource() {
Resource result = resource;
if (result == null && resourceLocation != null) {
result = resourceLoader.getResource(resourceLocation);
Resource result = this.resource;
if (result == null && this.resourceLocation != null) {
result = this.resourceLoader.getResource(this.resourceLocation);
}
Assert.notNull(result, "resource cannot be null if resourceLocation is null");
return result;

Some files were not shown because too many files have changed in this diff Show More